efbc2874e71a6384d1534dde8504c87f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efbc2874e71a6384d1534dde8504c87f_JaffaCakes118
Size

112KB
MD5

efbc2874e71a6384d1534dde8504c87f
SHA1

5cc0104bba30a009c71ab41d8935776d8e241cfa
SHA256

47dcb76d844394c73ec20c945da54424a02c2f0b3f6eae2e7d835168993ed94a
SHA512

0ed2532c1917af08ce40f674ba27a4b1a4af2c2fa206efc0af23ab15b5a2aef6b5477bf9289fce95f368a5dd43feb757a6ddf772ddb8869406b7bfe4737bff70
SSDEEP

3072:VNynjGVELry4Jq2voufFn3avOMUO4KmD:V7V7qQufVyUkmD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efbc2874e71a6384d1534dde8504c87f_JaffaCakes118

Files

efbc2874e71a6384d1534dde8504c87f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b158c4f2ce7051348fe16b70de4f3372

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

DrawTextA
DrawIcon
DispatchMessageA
DestroyIcon
DestroyCaret
DefDlgProcA
CreateMenu
CreateDesktopA
CreateCursor
CopyRect
CharUpperBuffA
CharToOemA
CharPrevA

kernel32

EnumResourceLanguagesW
lstrcmpA
TlsGetValue
TlsFree
Sleep
SetLastError
SetCurrentDirectoryA
MapViewOfFile
LeaveCriticalSection
GetTimeFormatA
GetSystemTime
GetPrivateProfileStringA
GetLastError
GetDateFormatA
CloseHandle
EnumResourceLanguagesA
EnumResourceNamesA
FindResourceA

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE