ef4f728e3f6f2eed046aefad6bc04e95_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef4f728e3f6f2eed046aefad6bc04e95_JaffaCakes118
Size

7KB
MD5

ef4f728e3f6f2eed046aefad6bc04e95
SHA1

6981ed0e55d1d6113accc390cdb93182cb87ab0c
SHA256

2db9e1627efe8e815a3f54a9d70b9df1c1985dcd3a887a4a840b684af0069177
SHA512

4c20dce5c51aeeeff3352a562a758e6597a69a87fde11ad0faf3bb97a662b2d6aba44bedd4df8206390a4792e3d1c64caf52d0f2d5df56a0664df209385446b5
SSDEEP

96:XlfNaBJOb2lqklP/abeTfNg/G0J5W1njv4He8IFYpCjJDbK7p/2lo:OJOb2l9seTGZW1njvMe8J4jJDbK7pS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef4f728e3f6f2eed046aefad6bc04e95_JaffaCakes118

Files

ef4f728e3f6f2eed046aefad6bc04e95_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41b9fc051f7c37dd71e5e114b86eabfe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA

kernel32

AddAtomA
CloseHandle
CreateRemoteThread
ExitProcess
FindAtomA
GetAtomNameA
GetModuleHandleA
GetProcAddress
MultiByteToWideChar
OpenProcess
OutputDebugStringA
SetUnhandledExceptionFilter
Sleep
VirtualAllocEx
WriteProcessMemory
lstrlenW

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
_stricmp
abort
atexit
free
malloc
signal
strcpy
strlen

psapi

EnumProcessModules
EnumProcesses
GetModuleBaseNameA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 272B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE