2f49f3ec543e4017bbc55f842e8745e5_JaffaCakes118 | Triage

Sharing

General

Target

2f49f3ec543e4017bbc55f842e8745e5_JaffaCakes118
Size

77KB
MD5

2f49f3ec543e4017bbc55f842e8745e5
SHA1

037189a17a01852b62593fc3cdb89a476a254e94
SHA256

3f4fe1a04d95d4d414da7a42c272ef718f1edc06d3dc51876eb23450cececef4
SHA512

57b55df2a57b38fe338e560c9a18ddc1461aa239c751c4315d3ca6668395db5d5abff7c8505673fe4de39860babc4ef61dddfbb8020d3c1556889ffd250d9755
SSDEEP

1536:kVa+aE8GuXmQy+oVOB5UoPVNqhZGL0p3OMcZx:kw+aE02bvpgVNqM+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f49f3ec543e4017bbc55f842e8745e5_JaffaCakes118

Files

2f49f3ec543e4017bbc55f842e8745e5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5590ff292b9b6ed9301f25498ae7d265

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__commode
exit
towupper
__setusermatherr
_acmdln
__set_app_type
free
_initterm
__p__fmode
_exit
cos
_XcptFilter
_adjust_fdiv
_except_handler3
iswspace
__getmainargs
malloc
_ismbblead

kernel32

RemoveDirectoryA
GetModuleHandleW
Sleep
VirtualProtect
GetStartupInfoA

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ