2c049a3c2cfd04c2e9d589bdaff1d957_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c049a3c2cfd04c2e9d589bdaff1d957_JaffaCakes118
Size

29KB
MD5

2c049a3c2cfd04c2e9d589bdaff1d957
SHA1

7edf184f0cd3fdb04189ee35364a78135d1eab05
SHA256

b462aa56e87630a1b739f8c8ee44e104d5b30ce63bf309654e258212a15d1dfa
SHA512

0b7f416e5629bd8f833d497369e914aae9f32acc3d6b95b18eb3972faea6fd08a24896a824d6c04b8acac0954d66fc0f49e8d55f42c757c2d8a4341fd5805f29
SSDEEP

768:VjPlQ9E+0rNfi8SWhoVqAy/OSmES77zTubsyfY3BV1NKb:n2+rJo8AY1SWPeBzNG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c049a3c2cfd04c2e9d589bdaff1d957_JaffaCakes118

Files

2c049a3c2cfd04c2e9d589bdaff1d957_JaffaCakes118
.exe windows:1 windows x86 arch:x86

8ee88c1d13d4a472047af55fffd6d6bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
TerminateProcess
CreateFileA
CloseHandle
ReadFile
OpenProcess
CreateToolhelp32Snapshot
GetModuleFileNameA
Process32First
CreateDirectoryA
Process32Next
GetTempFileNameA
GetTempPathA
WriteFile
SetFilePointer

shell32

ShellExecuteA

Sections

.flat
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE