Static task
static1
Behavioral task
behavioral1
Sample
efa39761bb9d79a82d90a46656583c16_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
efa39761bb9d79a82d90a46656583c16_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
efa39761bb9d79a82d90a46656583c16_JaffaCakes118
-
Size
190KB
-
MD5
efa39761bb9d79a82d90a46656583c16
-
SHA1
d067c0d56a0a613e0640c045f72a3f691d777942
-
SHA256
929976ef537dbf6ff5089b90bed280bd92d4a83b3eaad560ba09f87844b8948e
-
SHA512
78556e8fdca6e28275923e0999ec02a57215a18a24ff00d1e39c79c1c525b66dccc587ac6699977733b125de95ed6a54fc1e20ef5512744ab64d7ec6aaa73d4c
-
SSDEEP
3072:ouG3d8TV27inJkNec5DrM5NS5ajrrmii8inNxrY0WE2FrK6W2Ih3PydzcrWi2EXi:o/KB27iJkNnMnjrrXi8inNRY0P6Kyy2u
Malware Config
Signatures
-
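Unsigned PE (1 IoC)
Flags PE files that lack an Authenticode signature. This is a weak indicator on its own, since many legitimate executables are also unsigned; weigh it together with the other static and behavioral findings.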
resource efa39761bb9d79a82d90a46656583c16_JaffaCakes118
Files
-
efa39761bb9d79a82d90a46656583c16_JaffaCakes118.exe windows:4 windows x86 arch:x86
0a0f90a0d821aecf8edaf182d49f133a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Process32First
user32
GetWindowInfo
InsertMenuItemA
shell32
PrintersGetCommand_RunDLLA
ExtractIconExW
ShellExec_RunDLLW
ExtractAssociatedIconW
gdi32
OffsetClipRgn
CreateICW
SetICMProfileA
GetGlyphOutlineWow
SetArcDirection
SaveDC
StretchDIBits
CombineRgn
CreateFontIndirectExW
RectVisible
GetPixel
GetWinMetaFileBits
StartDocW
Sections
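.text Size: 9KB - Virtual size: 809KB (raw size is far smaller than the virtual size, a disparity commonly associated with packed executables; not conclusive on its own)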
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 177KB - Virtual size: 179KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 1KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pack32 Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ