6efc26bd2e5841a0922e6af64cff4baf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6efc26bd2e5841a0922e6af64cff4baf_JaffaCakes118
Size

124KB
MD5

6efc26bd2e5841a0922e6af64cff4baf
SHA1

abba12f7a9c0a31cb9f0df4b793d9f9b7694cc60
SHA256

b6261abd5fc9ae76e3c91f43fd166f85264c03b723f0ef88d09836fc1206a3ea
SHA512

bc6fa17888035206bdb82aaf9b7722c794b73199e224736e7f1292e47479293518934bf2f806c4bdb98fed677cf3153b81b4f955a83477a127584885d85fa157
SSDEEP

3072:M23pNCbVQppyEt5IPeHRNzEDyHHGIERvY:HrCRmkONAOG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6efc26bd2e5841a0922e6af64cff4baf_JaffaCakes118

Files

6efc26bd2e5841a0922e6af64cff4baf_JaffaCakes118
.exe windows:3 windows x86 arch:x86

4124514e9d070790b0e7720fa1f7c4d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
FreeLibrary
lstrcpy
GetDateFormatA
SetCurrentDirectoryA
lstrcat
GetProcAddress
GetVersionExW
GetCommandLineA
ExpandEnvironmentStringsA
GetVersionExA
LoadLibraryA
Beep
lstrlenA
WaitForMultipleObjects
GetVersion
GetCurrentThread
GetTempPathA
WinExec

user32

GetSystemMetrics
MessageBoxIndirectA
SetWindowTextW
LoadMenuA
SendMessageW
LoadCursorW
GetKeyboardType
SetTimer
InvalidateRgn
IsWindow
CheckRadioButton
SetDlgItemTextW

gdi32

CombineRgn
GetObjectW
CreateCompatibleBitmap
CreatePen

advapi32

RegEnumValueW

comdlg32

GetFileTitleW

shell32

Shell_NotifyIconW

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 324B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ