2a705b12284e86f8444cde755149719d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a705b12284e86f8444cde755149719d_JaffaCakes118
Size

13KB
MD5

2a705b12284e86f8444cde755149719d
SHA1

9f3fd9d3d3e62604e9453478dd577bb0e66052cb
SHA256

d3c8b3b236b7a7c4d2dee93a2d40af50e24a1dd20116f6fc6d62bee82e27d939
SHA512

ac186bfe72591bffaa7b0532eb0ed90993e65f7d630e92f51ef37ba41c36e07a20136790765a6463194245be2f68953256f4a95244c574990a08a74746ed12bf
SSDEEP

192:b7ykFcCL5w5zuZPpFA45y6XnWelORf29PMxwjrXXQ1iknSP1oy:vLFcC1w5zgPHlORaNQ1ik81

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a705b12284e86f8444cde755149719d_JaffaCakes118

Files

2a705b12284e86f8444cde755149719d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b60da8533c13287d6d9e95d1cc2c42a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
CreateProcessA
GetVolumeInformationA
GetTempFileNameA
Sleep
GetModuleFileNameA
GetTempPathA
GetLastError
GetCurrentProcess
CloseHandle
lstrcatA
Process32First
CreateToolhelp32Snapshot
GetTickCount
ExitProcess
CreateThread
CreateFileMappingA
SetErrorMode
DeleteFileA
GetModuleHandleA
GetStartupInfoA
GetProcAddress
LoadLibraryA
Process32Next
lstrlenA

user32

ExitWindowsEx

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

msvcrt

sprintf
atoi
toupper
strlen
strstr
_strdup
ftell
fseek
fopen
fwrite
fputs
fread
strcpy
calloc
_except_handler3
malloc
memset
strcat
rand
strrchr
strcmp
strtok
srand
__argv
__argc
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
fclose
_strcmpi

Sections

.bss
Size: - Virtual size: 26KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE