Static task
static1
Behavioral task
behavioral1
Sample
ef6fcc5263236cd1e67dd61e10ae5450_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ef6fcc5263236cd1e67dd61e10ae5450_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
ef6fcc5263236cd1e67dd61e10ae5450_JaffaCakes118
Size
43KB
MD5
ef6fcc5263236cd1e67dd61e10ae5450
SHA1
219202a5e1087b3b932f218928953f724895297f
SHA256
eb078dfddde3dc60e7e417a1a3679d11edee350e23470841cf4d5bf63b2f16b0
SHA512
918c19d13ae9e16d8938387927961b2488f66e961dab283bdccf2e6ba6a24496e02602157959976919858d227d032351fb732596cb8ab5216711f1a2fc7f398f
SSDEEP
768:EjEW2c7CBl+C4SZ3EDg+mOtMc77yJA+Jrrs/pLv7DXG8oL47PI2+8yenq7cxt:EjEW19C4cZ+mGMcPyxMLHXGk02+De
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ef6fcc5263236cd1e67dd61e10ae5450_JaffaCakes118
Files
ef6fcc5263236cd1e67dd61e10ae5450_JaffaCakes118.exe windows:4 windows x86 arch:x86
5a9460aaf05c1c5daafc9ea4681306e4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileA
lstrcmpA
lstrlenA
FindAtomA
lstrcpynA
GetModuleFileNameA
CreateMutexA
CloseHandle
GetTickCount
GetVersion
GetTempPathA
GetSystemTime
WriteFile
lstrcpyA
GetCommandLineA
CreateProcessA
lstrcatA
GetLastError
GetProcAddress
GetTempFileNameA
GetLocalTime
LoadLibraryA
ExitProcess
OpenMutexA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
VirtualQuery
GetVersionExA
RtlUnwind
IsDebuggerPresent
user32
wsprintfA
ClientToScreen
GetCursorPos
GetCaretPos
GetWindowRect
EqualRect
IsWindowVisible
GetFocus
InflateRect
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE