2f622090c59d03ca630fbbab61b5d3ef_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f622090c59d03ca630fbbab61b5d3ef_JaffaCakes118
Size

58KB
MD5

2f622090c59d03ca630fbbab61b5d3ef
SHA1

7fec83c544555b734eafcee971c08f7e33de0e82
SHA256

c5077d54068bffd19e57003da1ff0a725ab79cb088f3fb9d993b72630c0667d9
SHA512

92539bb957825020c5f06e857f679d360ccdad1dd4c5abf1e58a12075dcc85d73516235562a46b4f518bfa15d6785985846613d314e178fd22934e1fc97017ef
SSDEEP

768:JOXLPxo4pSiL8K8oD3L/72TcSTtOG+Oqeh7/Pckzj6sWdxOfLSe2NcAClP0txvAw:Jorxo4jQKetTBhThWlzZ6AClP0MkXfI8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f622090c59d03ca630fbbab61b5d3ef_JaffaCakes118

Files

2f622090c59d03ca630fbbab61b5d3ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

132f1bb38621ebfba61e550992e3abfd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
HeapAlloc
HeapFree
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
WriteFile
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

advapi32

RegOpenKeyA

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE