Static task: static1
Behavioral task: behavioral1
Sample: 2fbd86cf0aaa116c4e5e8416ddd251c9_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2fbd86cf0aaa116c4e5e8416ddd251c9_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2fbd86cf0aaa116c4e5e8416ddd251c9_JaffaCakes118
Size: 4KB
MD5: 2fbd86cf0aaa116c4e5e8416ddd251c9
SHA1: f7a47aaecea476842c29f7294a3b4dea7a217799
SHA256: 2c73c8eec1091e96864f8b47816b243fa119921fc3ed5b47cec22f8cb59827a8
SHA512: a0e31d7e65afea1491c740d6dbcdcf5f06275325affbf7e34cbcbcced61e09d6521d4615d76570a6b996f26fb33be415d13bf89782bd49de67ebc8c6b5b38fa1
SSDEEP: 48:6scWqOvFESEZKwyS6n900eZ66oT6K//j28Dq999ncAMP/n3Bv:rrqONm16n900eM6u6qa8Dq999ncr3Bv
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2fbd86cf0aaa116c4e5e8416ddd251c9_JaffaCakes118
Files
2fbd86cf0aaa116c4e5e8416ddd251c9_JaffaCakes118.exe windows:1 windows x86 arch:x86
3ffc28bf37d7eec2bc6c83618fd066e0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32: ShellExecuteA
kernel32: DeleteFileA, GetCommandLineA, GetModuleFileNameA, GetModuleHandleA, GetSystemDirectoryA, CopyFileA, RtlUnwind
user32: GetMessageA, TranslateMessage, DispatchMessageA, wsprintfA, DefWindowProcA
advapi32: RegFlushKey, RegOpenKeyExA, RegSetValueExA
crtdll: __GetMainArgs, _sleep, exit, raise, signal, strchr
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 4B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 320B - Virtual size: 320B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 964B - Virtual size: 964B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE