2ba6a088b47edfdb45e735b4f30ec3da_JaffaCakes118 | Triage

Sharing

General

Target

2ba6a088b47edfdb45e735b4f30ec3da_JaffaCakes118
Size

65KB
MD5

2ba6a088b47edfdb45e735b4f30ec3da
SHA1

9c3d1dbd00e43e7ad72a5c8dfb34d742dca07317
SHA256

bc76a8ee595ef50e2d94fe01e1bd6a3f3397267034378ca6e179c8cf1a7512e8
SHA512

2581662a42a634a9a2a02db459aed5bdd3295a79ec79597c397df1fd6a94fa958c7aae46cd8bba8a1081f1f6e08931b635f5d1f31472499300d3ebda745f7456
SSDEEP

768:0BDCMd1xjaN/FppsdBiFxzK3f+5kRXB38YcjeaA83DpefJTTS7v03YZlYQ6TADMp:JfN/1s2jGZRXBM5L3DpexTTS7v0WYVcs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ba6a088b47edfdb45e735b4f30ec3da_JaffaCakes118

Files

2ba6a088b47edfdb45e735b4f30ec3da_JaffaCakes118
.exe windows:1 windows x86 arch:x86

fbab6d623652c2057f63a9e532a473ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExA

kernel32

GetCommandLineA
GetCurrentDirectoryA
GetFileAttributesA
GetFileSize
GetFileTime
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
CloseHandle
GetStdHandle
GetTickCount
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
ReadFile
RtlUnwind
RtlZeroMemory
CreateFileA
SetCurrentDirectoryA
SetFileAttributesA
SetFilePointer
SetFileTime
Sleep
SystemTimeToFileTime
WaitForSingleObject
WriteConsoleA
WriteFile
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA

user32

wvsprintfA

crtdll

__GetMainArgs
_strnicmp
exit
gmtime
localtime
mktime
raise
signal
strcat
strchr
strncmp
strncpy

Sections

.avp
Size: 61KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE