ef9eb9df155b04573c4a14eecd13185f_JaffaCakes118 | Triage

Sharing

General

Target

ef9eb9df155b04573c4a14eecd13185f_JaffaCakes118
Size

340KB
MD5

ef9eb9df155b04573c4a14eecd13185f
SHA1

b565bcd20d252375c36cde6a868a2a67103ae8a4
SHA256

e6feaf97ef914e8d5c84150d8f6c69c3648a5896706d66893feebde52aa12cfc
SHA512

298c8fcf5460c82d66f1f68e736bf86904fb9828fb48c2a78de174b9b317ca454768d7cdbb84328ffbc16c8ac986c556defa33d4c76fdd661fcde0fe2f7c3c3a
SSDEEP

6144:TRFLgkHiOsEmM+vMNPN+o6BWl+4VwYC/AkKJqWHlFA8DVM3SN:LLKOsEmMBNP76sl+BxYkZW7AMV8G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef9eb9df155b04573c4a14eecd13185f_JaffaCakes118

Files

ef9eb9df155b04573c4a14eecd13185f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

13336f6ae0eb08c4c50ccdbcada80364

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
lstrlenA
GetModuleHandleA
FindClose
CreateMailslotA
CloseHandle
CreateEventA
GlobalLock
GetACP
GetLastError
GetStdHandle
IsDebuggerPresent
GlobalUnlock
LocalFree
HeapCreate
FreeEnvironmentStringsA
LoadLibraryExA
CreateFileMappingA
CreateFileA
IsBadReadPtr

user32

SetFocus
GetIconInfo
GetParent
GetListBoxInfo
DispatchMessageA
RedrawWindow
IsMenu
GetDlgItem
DialogBoxParamA
EndDialog
GetDlgItemTextA
CheckMenuItem
GetMessageA
DrawIconEx

apphelp

SdbFindFirstTag
SdbFreeFlagInfo
ApphelpCheckRunApp
SdbCloseDatabase
ApphelpShowDialog

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ