2adc6fca04f78d608ebce775957a689f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2adc6fca04f78d608ebce775957a689f_JaffaCakes118
Size

87KB
MD5

2adc6fca04f78d608ebce775957a689f
SHA1

13419ff66960e6ace38b33869bf5764b1669e638
SHA256

522d4f7120f51b6eb0efbeffb439c2d2c8521b302fa59cb1b45e0d3af9064821
SHA512

ea29fba6b5cd5cdfb21b67ec59e8d3242968e692f1201e8625889338753bf20ebad5d227714a5242996b3201336733766a1590fd4151e54d470da2b8252a2cc9
SSDEEP

1536:3QW/q0Af/gnwecIIi21on7+sBk4V+BYQZ/76VoidpIuIdzQRtF7C7efImWioY:3NkQw5dh1gBBk4V0YO2XdOZE9LWG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2adc6fca04f78d608ebce775957a689f_JaffaCakes118

Files

2adc6fca04f78d608ebce775957a689f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0fe6d0be73fb2ed56558f224402387aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
TerminateProcess
SetPriorityClass
VirtualProtect
SetLastError
GetStartupInfoA
GetModuleFileNameA

user32

BeginPaint
GetUserObjectInformationA

Exports

Exports

CreateNrmgkfn
Vsaufkwekup

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rcode
Size: 544B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata1
Size: 68KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ