ef623fed3956fc16ef969eec6c2cd452_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef623fed3956fc16ef969eec6c2cd452_JaffaCakes118
Size

178KB
MD5

ef623fed3956fc16ef969eec6c2cd452
SHA1

bdaf65c70d1c20b8d029b5e7986c0efd2d6bd8f2
SHA256

426922ede168b7c00f68d0f955b23361806a9e702eb09a3e7d238ffaf54ad08d
SHA512

c7c0661b724c75935fb5fce370d4a51152d3398a84528ce94ffcddcc285f29725cdb336238832c3213190be49ac7b949f1d7a7683cdb876eff21534a1f0a52ee
SSDEEP

3072:9NAsDATxEPw6SICGskBsSOg05NxqUZCvqozeEZ/jxuOUm+uZvh7dFZDHaQsNvcvU:PJDQIwHIC86H5/kf/pimNvZ3ZDH32iuh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef623fed3956fc16ef969eec6c2cd452_JaffaCakes118

Files

ef623fed3956fc16ef969eec6c2cd452_JaffaCakes118
.exe windows:4 windows x86 arch:x86

557483f44a73b9bf5c3c8f6911b0ed25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GetAtomNameA
HeapReAlloc
InterlockedExchange
VirtualProtect
WaitForSingleObject
GetVersion
LoadLibraryExA
HeapCreate
GetConsoleCP
GetTickCount
SetConsoleCP
GetModuleHandleA
GetCommandLineA
CloseHandle
SuspendThread
GetSystemDefaultLangID
CompareFileTime
GetStdHandle
lstrlenA
WaitForMultipleObjects

user32

DrawCaption
SetPropA
EnableScrollBar
DispatchMessageA
GetKeyboardLayout
FillRect
SetWindowPos
DialogBoxParamA
IsDialogMessage
CreateMenu
GetKeyState
GetDlgItem
InsertMenuA
DragObject
InvertRect
CreateIcon
GetCursorInfo
SetScrollInfo
DestroyMenu
FindWindowA

advapi32

RegCloseKey
RegEnumValueA
RegCreateKeyExA
RegEnumKeyA
RegQueryInfoKeyA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 792KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ