Static task
static1
Behavioral task
behavioral1
Sample
2bada66d661e155b5fbe1a164b3e5810_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2bada66d661e155b5fbe1a164b3e5810_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target: 2bada66d661e155b5fbe1a164b3e5810_JaffaCakes118
Size: 70KB
MD5: 2bada66d661e155b5fbe1a164b3e5810
SHA1: c7e57deed12aa4b1d41590d013a09972e636e2f4
SHA256: 1db0bbd0bbd8ed2ac9796ffe17074d31a3308b1c9cfb9a645a2a453506899f19
SHA512: 314dbcb08fdd6869246441b14a0e1e830785d2a785dde8f5c4cf957fbefb5541067025fe37c0c659b4aa82d741bafab6f98a19be50f3c8b546dc2c7c5d30666b
SSDEEP: 1536:Yhfn8CUldADexv6+JUE3VeUpx68rv45U3mgdAuSe:afn8CSdsAi+Jldx6yv4G3LdIe
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2bada66d661e155b5fbe1a164b3e5810_JaffaCakes118
Files
2bada66d661e155b5fbe1a164b3e5810_JaffaCakes118.exe windows:5 windows x86 arch:x86
3391024d27d801b58b270449bd4b8c2c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCommandLineA
GetStartupInfoW
VirtualAllocEx
user32
LoadIconW
LoadIconA
gdi32
RealizePalette
SelectPalette
GetStockObject
advapi32
RegOpenKeyW
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 406B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.dataR Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ