2f669ae35859fd7771c84ea4528c426d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f669ae35859fd7771c84ea4528c426d_JaffaCakes118
Size

72KB
MD5

2f669ae35859fd7771c84ea4528c426d
SHA1

8bac03ae705d8b3e07ba7f5b40ae7bfe82d64ac5
SHA256

0db1952bd9f145ad5f50ec9aa7582a5ccb47f4b0a61bdf3d239207c378271b05
SHA512

e832265fa09aeea7735a44bb16f2b4e8281ff9d0e09623fb37b7502a31086bb4e4100e1aa4fe79f1e47732d2e4ad89caebd936cf69088ece8046fe46de6ccdd0
SSDEEP

1536:kuvHUcBFLIVAk75gUuUEoUBnTp2wE8KK:5ccDLIavJp2wE4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f669ae35859fd7771c84ea4528c426d_JaffaCakes118

Files

2f669ae35859fd7771c84ea4528c426d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8ae4b86caac7841109af25524232d266

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetThreadContext
VirtualProtect
FreeLibrary
GetCommandLineA
GetLastError
ExitThread
GetStartupInfoA

user32

PeekMessageW
PostThreadMessageA

Exports

Exports

Awxeterlsgs
Qknquyq

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA21
Size: 3KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.e4355
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ