eda44d9dd372786b7c8c9710442a294a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eda44d9dd372786b7c8c9710442a294a_JaffaCakes118
Size

43KB
MD5

eda44d9dd372786b7c8c9710442a294a
SHA1

b18f3ddfd69fd0555cfc8151f05cf1d14d1742d1
SHA256

2c1e71198ef8f73a32d43c8909e13b08640716241448f6e6547acfec26ffa974
SHA512

0620e512ff5046d3d34b4c16344980cce3de71259d6a8f5ea9ae3471aaf14323bad4c78b083e4656e0235240f93630959f1d3de9c07a45783d312a74ebacb557
SSDEEP

768:Z0ot1XLeOF8lsNKMGFGb+sWO+1StwE+wkM6ZgMv1x7hoRCWB:ZjvlFUmGF/k+1SXJq1X5g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eda44d9dd372786b7c8c9710442a294a_JaffaCakes118

Files

eda44d9dd372786b7c8c9710442a294a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

30d6b4f6c0b94abd7d3f733215a5150f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexW
lstrcatW
CreateThread
ReleaseMutex
GetDriveTypeW
CreateFileMappingW
FlushFileBuffers
lstrlenA
CreateProcessW
OpenProcess
GlobalLock
UnmapViewOfFile
FindFirstFileW
CopyFileW
lstrcmpiA
SetFileTime
HeapAlloc
GetModuleFileNameA
GetSystemTimeAsFileTime
GetTempPathW
SetLastError
EnterCriticalSection
SetFileAttributesW
CloseHandle
GetUserDefaultUILanguage
CreateEventW
DisconnectNamedPipe
SetEvent
WriteFile
ExpandEnvironmentStringsW

user32

OpenDesktopA

Sections

.zyhol
Size: 35KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hal
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jqjoz
Size: 4KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ