ef2ec845ea682ced16646838d9d36358_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef2ec845ea682ced16646838d9d36358_JaffaCakes118
Size

83KB
MD5

ef2ec845ea682ced16646838d9d36358
SHA1

0c6f4392b3ccd5b8f0f45031d26cc618e7142135
SHA256

7d06006e8c5322c8ed742500db3831cd233076d029828a55669c5540cfbb2e18
SHA512

029a6e8686a5955528672b6ea7470657e188695af913aa6be204680429582b4d1a93ed082329a7e10f89fb872053c97a7199c518d7b7078a48552abf85e1295a
SSDEEP

1536:OUVs44uMY31q1ti6BwKT6wQPC7C3pjVrs2ryrd1vUQuqwcizSkX:OUVs0+s44wfqHs2quciu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef2ec845ea682ced16646838d9d36358_JaffaCakes118

Files

ef2ec845ea682ced16646838d9d36358_JaffaCakes118
.exe windows:4 windows x86 arch:x86

75e278c4220896cb65e0106ae1dac133

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFiber
LZCopy
EndUpdateResourceW
GetDllDirectoryA
GetLocaleInfoA
MoveFileA
CreateVirtualBuffer
ReadConsoleA
SetCPGlobal
CreateDirectoryExW
DosPathToSessionPathA
LoadLibraryA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE