2ba57a947657634e389db877f2aca697_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ba57a947657634e389db877f2aca697_JaffaCakes118
Size

210KB
MD5

2ba57a947657634e389db877f2aca697
SHA1

47fc95baa65407349801fc8daf24e2787d3777f1
SHA256

4705f90b06cb128a944d8b7758fd400aff6474a12b052490338afbe29f346060
SHA512

fbbb6f39bc6b274214842c1c77d7164111022f325f3602d2ac4cc94b1766ee62e8b99a12c5049ff39f5a5456b5c8f3fcf3dd15207271bc23c46ff91570aeeaff
SSDEEP

3072:ekBzTjEi6sMYtlzNW3Zh2LbybenO3ij4IcFuFCdoeOB:DzTjRllBuZh2HyHyEI2wCy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ba57a947657634e389db877f2aca697_JaffaCakes118

Files

2ba57a947657634e389db877f2aca697_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8e7d5c5894d084ebf7c0e61b6c696154

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
ExitProcess
DeleteFileA
GetLastError
FindClose
ExitThread
FormatMessageA
GlobalFree
GetStdHandle
GetCommandLineA
CopyFileExA
lstrlenA

advapi32

RegCreateKeyA
RegEnumValueA
RegQueryValueA
RegQueryValueExA
RegDeleteKeyW

user32

CopyImage
IsWindow
CopyIcon
IsMenu
LoadMenuA
CreateIcon
IsWindow

Sections

CODE
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 166KB - Virtual size: 497KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE