ef39f91ede2b9b2e1fe61ff6f6ba800a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef39f91ede2b9b2e1fe61ff6f6ba800a_JaffaCakes118
Size

312KB
MD5

ef39f91ede2b9b2e1fe61ff6f6ba800a
SHA1

21b99101881b676cc95767848b072ec60bd4f535
SHA256

7c7bfedfb71af68619c1f281ddbfc4a0c248f0afbe8b6644c70768c7131b192d
SHA512

b26f7e8543088f5b78fe9ba70609cb97da9b00c327101f884d7368ebe04a794262241f3a20598b513eba98d5b8b24b87c77240746defb8a5ce41ff014fdb3f94
SSDEEP

6144:Nbn8YMs5a8nqK7eEvRoOY5Oka6Q2iH0699R2rF531xjk:Bn8FK7eEvyOY8kb/c4p91K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef39f91ede2b9b2e1fe61ff6f6ba800a_JaffaCakes118

Files

ef39f91ede2b9b2e1fe61ff6f6ba800a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c93cb58ddd683e491203d3b5d8789be2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
VirtualAlloc
GetThreadLocale
CreateThread
GetProcessHeap
GetUserDefaultLangID
GetExitCodeThread
CreateMutexA
GetConsoleCP
CreatePipe
GetStdHandle
ReleaseMutex
IsDBCSLeadByte
GetModuleHandleA
GlobalFindAtomA
CompareStringA
GetOEMCP
TlsFree
GetPriorityClass
SetEvent
GetVolumeInformationA

user32

ShowWindow
GetFocus
GetWindowTextA
GetWindow
GetWindowTextLengthA
InvalidateRect
ValidateRect
GetSystemMetrics
IsIconic
ReleaseDC
GetActiveWindow
ReleaseDC
GetForegroundWindow
RegisterClassA
IsWindowVisible
GetClassInfoExA
CloseWindow
GetDC
GetClassNameA

shell32

SHBrowseForFolderA
SHChangeNotify
SHCreateShellItem
SHGetFileInfoA
SHGetFolderPathA

ntdsapi

DsBindA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ