2de42d4cf7cd00b0f796e44657883e0b_JaffaCakes118 | Triage

Sharing

General

Target

2de42d4cf7cd00b0f796e44657883e0b_JaffaCakes118
Size

41KB
MD5

2de42d4cf7cd00b0f796e44657883e0b
SHA1

87c3d914a719aeb19480797f9f7b34344c9e807b
SHA256

243dbb9854a41724b411ac60a650fc87b4e8ae613e8c9e3e63da3e8055dfe826
SHA512

373e5935a7370aafff4d5af7af88823a511541c87d0d9042ae2e6d469a7723f7eda5868675a15f20eeab9e5b0e5218a477c954355160bb7553e11624dd9edbdb
SSDEEP

768:OcTKSsB2oURdsnQmAoKZUjt/3TrXv5B18+C12VGUs8lVtaprrBY4Wh:UB2nRd8lDKZUV3TDv5B18+C0MEVAp/BS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Acronis.Disk.Director.Suite.v10.0.2064.Incl.Keymaker-ZWT/Keygen.exe

Files

2de42d4cf7cd00b0f796e44657883e0b_JaffaCakes118
.zip
Acronis.Disk.Director.Suite.v10.0.2064.Incl.Keymaker-ZWT/Keygen.exe
.exe windows:4 windows x86 arch:x86

bd7f090c8250382ae6b2a33724a4170d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
lstrcatA
CloseHandle
CreateFileA
ExitProcess
FindClose
FindFirstFileA
FindResourceA
GetCommandLineA
GetModuleHandleA
GetTempPathA
WriteFile
LoadResource
LockResource
SetFilePointer
SizeofResource
WinExec

shell32

ShellExecuteA

Sections

.text
Size: 1024B - Virtual size: 550B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 534B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Acronis.Disk.Director.Suite.v10.0.2064.Incl.Keymaker-ZWT/file_id.diz
Acronis.Disk.Director.Suite.v10.0.2064.Incl.Keymaker-ZWT/zwt.nfo