ef4e6b5b6443185f647c762b1c61f778_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef4e6b5b6443185f647c762b1c61f778_JaffaCakes118
Size

52KB
MD5

ef4e6b5b6443185f647c762b1c61f778
SHA1

0d87181556208557cb7a761c3f8c2ddcd9829909
SHA256

ea122ae591f8b353f794eacc223108d427aceac985fe4972def8994eb3fc3229
SHA512

956067d8086d65a4c62e961057c2f0fa46f1eae50b3ac46b9c4d9667c18f7f1cd63992f043f1227b2181c81785ff65763d48e6420785643467f03b9c115794fb
SSDEEP

768:D8WLacEPflJD7EXQsNpqqibQeewY4ffLHWUasg8Dh3uOtA8dLA1cbJdi4:sb4XQqqQe9LLHWb58V3XtfdLOcFdi4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef4e6b5b6443185f647c762b1c61f778_JaffaCakes118

Files

ef4e6b5b6443185f647c762b1c61f778_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b752a73805ec02724423177777075dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLCID
FreeLibrary
IsDBCSLeadByte
TlsGetValue
GetCurrentThread
GetCurrentProcessId
GetACP
TlsSetValue
GetOEMCP
GetCurrentThreadId
GetModuleHandleW
GetDriveTypeW
VirtualAlloc
TlsFree
GetLogicalDrives
lstrcpyA
CreateProcessInternalA
GetCommandLineA
GetUserDefaultLCID
lstrcatA
GetModuleFileNameA

user32

GetWindow
ReleaseDC
GetForegroundWindow
UpdateWindow
GetWindowTextA
IsIconic
CloseWindow
GetClassInfoExA
GetDC
IsWindowVisible
GetWindowTextLengthA
GetWindowDC
BeginPaint
GetActiveWindow
GetSystemMetrics
GetWindowLongA
RegisterClassA
ShowWindow
GetFocus

imagehlp

FindDebugInfoFile
ImageLoad
CheckSumMappedFile
BindImage
ImageNtHeader
FindFileInPath

oleacc

LresultFromObject
DllRegisterServer
GetRoleTextA
GetStateTextA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE