efeb1fca7fdc80e886219343a2ab94f3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efeb1fca7fdc80e886219343a2ab94f3_JaffaCakes118
Size

264KB
MD5

efeb1fca7fdc80e886219343a2ab94f3
SHA1

f1c6758d72b1fa1c0b5a711a29be688521aa5606
SHA256

d483e77837e815486746fa503ceef6c53092eb733bdc6ac16335bd99b1a8a97d
SHA512

734e2ac0c94e6f47e9c352bf658c81a1662934025f8600d3e6076ccf3ce388e6d20bb843830452a6e0271dfa6eb1601dad8bc700d9545ccfdd1a550b9022ec19
SSDEEP

3072:5WmXAnnmhpYcRcT9hYsaOMMQqrnyxl7IFVsDtmngcGVfBsnW5bj7W7s5DbXUj4F9:5WmXiypv04sa1M9ryxSFW0zGJBMJKSM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efeb1fca7fdc80e886219343a2ab94f3_JaffaCakes118

Files

efeb1fca7fdc80e886219343a2ab94f3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c94bcd17fa299ff8fe9b5ebff88bc79c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyW
RegDeleteValueA
RegEnumValueA

kernel32

ExitProcess
GetLastError
GetCPInfo
DeleteFileW
GetLocalTime
DeleteFileA
FindClose
HeapAlloc
lstrlenA
WriteFile
OpenFileMappingA
HeapFree
GetFileTime
GetStdHandle
CopyFileExA
FreeResource
GlobalFree
lstrcmpA
ReadFile

user32

AppendMenuA
GetDC
CopyImage

Sections

.4fhgd
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.570h7
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0e0c
Size: 227KB - Virtual size: 570KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.15aa
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ