ef904f32f66ce94f6e6435e83ac5a700_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef904f32f66ce94f6e6435e83ac5a700_JaffaCakes118
Size

28KB
MD5

ef904f32f66ce94f6e6435e83ac5a700
SHA1

328613ec3c67bf0ed444f1910120eee0ab27b3ec
SHA256

0c971b4c3b7068519ac0bd46eff6a21fb5c84a44161fa927c798abcf4c56490f
SHA512

26883b066aedacba6c223b25fbc2fdb257bd7580a447d09e42ca6f1123a3eb3c77a1510790931e7db0e81294e212892334ba0c2ebe9a1526f80747555518a3bb
SSDEEP

768:cnYl2IwXicNgUXw5ldJ6IqUWoDOL4KMcHO:cYgngSw5ldsIqUWoqhMV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef904f32f66ce94f6e6435e83ac5a700_JaffaCakes118

Files

ef904f32f66ce94f6e6435e83ac5a700_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee94fee6d96573394df1ccff29966ad9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_tell
_rotr
_tzset
_umask
_spawnl
_stat64

kernel32

GetNextVDMCommand
GetDriveTypeA
GetStdHandle
GetSystemInfo
GetVersion
GlobalAlloc

Sections

.text
Size: 13KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE