a2beb43f73ac7190a963b0549d48e30a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2beb43f73ac7190a963b0549d48e30a_JaffaCakes118
Size

28KB
MD5

a2beb43f73ac7190a963b0549d48e30a
SHA1

8d42c6b4d87ffd1ec37bff159317600ee61d6d0f
SHA256

3034723231c834380422cbaf1a51102332596b21edd88d76bbc19bb46889db94
SHA512

7e1835298e56f3f7fc31528c4f8abeeccfb9207248fed0eb082b59c831eef3c51990b2f9100ba913f05cf6a4bd9ab1d76523c0db36f33c1a3bdc6ccdf131938d
SSDEEP

768:rENHZP1fEIOZXwSVb5qjVL6U8vnWONZQpR6/JgHK:oNLxOpwSVQZL6Vz1/oK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2beb43f73ac7190a963b0549d48e30a_JaffaCakes118

Files

a2beb43f73ac7190a963b0549d48e30a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bce544ceb54c3111812bd82f0729bd6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
GetVersion
GetCurrentProcess
GetTimeZoneInformation
GetFileAttributesA
MultiByteToWideChar
FreeEnvironmentStringsW
GetStdHandle
lstrcmpA
GetLocaleInfoW
GetConsoleOutputCP
GetEnvironmentVariableA
FindClose
EnterCriticalSection
FlushFileBuffers
HeapAlloc

msvcrt

fseek
__getmainargs
memmove
_exit
_isctype

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE