2b04bea28ebaf806f20582ecc9b54af0_JaffaCakes118 | Triage

Sharing

General

Target

2b04bea28ebaf806f20582ecc9b54af0_JaffaCakes118
Size

130KB
MD5

2b04bea28ebaf806f20582ecc9b54af0
SHA1

39095cd787ea3815df6e0cf00ef89ce4dc8478ae
SHA256

4c05465801f7da23ddc8d6220fdd1734e9207f08db4d4d6e08ebf92b396366ca
SHA512

56c492f42a296fa9fd83d260bced3ac33ccc5d9e9089870e4a6a60ea20d78c067046650d46fd51c76bee0b26a73d38e422d81684d0e13fa1c4aebc20c9d93186
SSDEEP

3072:7kuS927wFi3WZeeNXAxem5+1B8jScEz2xnDhX:NwujGZeehOb5ace21

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b04bea28ebaf806f20582ecc9b54af0_JaffaCakes118

Files

2b04bea28ebaf806f20582ecc9b54af0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a8a86ef96fcb3063681494e6a8ab41a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
GetStartupInfoA
GetStartupInfoW
GetProcAddress
ReadFile
lstrcatW
GetWindowsDirectoryW
ExitProcess
CreateFileW

user32

LoadIconA
LoadIconW

advapi32

RegOpenKeyExW

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ataTY
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.atag2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.atag
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ