fb2949a42cbf874eaee138258b4f7247_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb2949a42cbf874eaee138258b4f7247_JaffaCakes118
Size

3KB
MD5

fb2949a42cbf874eaee138258b4f7247
SHA1

a8f46dba244719baa6127aa3cac1490fcfedf8a7
SHA256

3b2e210b3c8e803d9a1f3d8b0100b8950f59c7d3813d68296ade0a1bbf61a5f6
SHA512

7130fbf93519c3552f80d54884e21b674dab5149ef85856ca8dfe0c1aceb0570b776f69fb4b91652fd777323684411a101fe065f0035c7908329761889241e81

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb2949a42cbf874eaee138258b4f7247_JaffaCakes118

Files

fb2949a42cbf874eaee138258b4f7247_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b186a988468f9235b3e65e948c8470e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Project\Downloader\Release\Downloader.pdb

Imports

kernel32

WinExec
CloseHandle
WriteFile
CreateFileA
Sleep
GetLastError
SetLastError
GlobalAlloc
GetProcAddress
LoadLibraryA

user32

wsprintfA

Sections

.text
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 637B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE