2f30df08853d9c43fdb746428645abe8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f30df08853d9c43fdb746428645abe8_JaffaCakes118
Size

62KB
MD5

2f30df08853d9c43fdb746428645abe8
SHA1

1670056b5529ecf81e1d3b95e0de41295dd896ab
SHA256

fae8ee9d3f53cf35c72d7d26a5aecccdbf42b6e099108cd3ee9d4509d87ddbd1
SHA512

e523cc35971f8420fdf94ac363f5f2c1ca16e56a416a7ec9089ea762acee4cf498f8ed008dcea09ee4c866cedffa54d0ff639233fa7580f911e9b0a13cd4e4f0
SSDEEP

1536:0HDzKJGOPv9fRHzb2BxnrYYCoyDgqGRmxD85OLmcY86Z05n8:kDzKYsXgd0Yv4LBYli58

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f30df08853d9c43fdb746428645abe8_JaffaCakes118

Files

2f30df08853d9c43fdb746428645abe8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

24b8c603f38ca79147cff9d23fa4bfbc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleOutputA
CreateDirectoryExA
ReadConsoleInputExW
WriteConsoleInputVDMW
OpenConsoleW
Thread32First
GetStringTypeExA
WriteConsoleA
DeleteAtom
LoadLibraryW
ConvertThreadToFiber

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 47KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE