be2d2c4d93399f3172f3ad7ba80a59da_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be2d2c4d93399f3172f3ad7ba80a59da_JaffaCakes118
Size

637KB
MD5

be2d2c4d93399f3172f3ad7ba80a59da
SHA1

0697d2d1a3f4d27ae80c9a0fcee58a9e61f65b8c
SHA256

b1dc9a3c1f78006e79bfbf89bd12fcc950607235dcc9a8ed4c3c6649ccaa2935
SHA512

f2dd303d8c9d5fd254905a0fc07d609d65d7175ac4b99626692d356ce5298b407e337083b2c141910bbb21e2af55f3b3fc9af793fac38cfbad4b77ddbce29cf4
SSDEEP

12288:/W2pEpR3sKVkndV1BnIm0kAHqDP3Hu2/hUA3hBxETWYZc+O4:/WoIR3sKVyV5ImnAHy3rx/E6YhO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be2d2c4d93399f3172f3ad7ba80a59da_JaffaCakes118

Files

be2d2c4d93399f3172f3ad7ba80a59da_JaffaCakes118
.exe windows:1 windows x86 arch:x86

2ed0b6e28b1e742765ef39a145eeeeec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
DeleteFileA
ExitProcess
WriteFile
GetCommandLineA
lstrcatA
GetTempFileNameA
GetTempPathA

crtdll

_mkdir
_getcwd

shell32

ShellExecuteA

shlwapi

PathQuoteSpacesA
PathAddBackslashA

user32

wsprintfA

Sections

.flat
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 512B - Virtual size: 393B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 474KB - Virtual size: 474KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE