efbed7e0405a3141c0c29e7482886d72_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efbed7e0405a3141c0c29e7482886d72_JaffaCakes118
Size

149KB
MD5

efbed7e0405a3141c0c29e7482886d72
SHA1

80740587512e794a02071965ec83444bc4ab5f1b
SHA256

b8148a4670baeecb1df7b3b04b4feb354b8168a57c07b5088e3b0968cf19f246
SHA512

20f25949cf8bdbd80ff438b0677a1c225639011c1a4ed49f2585a7dc5162d16f5e9db2fe9789df74c38a7e1200d2087da291fc580cf43f0e45d0e58aae865b8f
SSDEEP

3072:FNDtS+1aMKKEho/iJ433MITnWnTySYPW0OzMdb:bpLRviCWnyPWdUb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efbed7e0405a3141c0c29e7482886d72_JaffaCakes118

Files

efbed7e0405a3141c0c29e7482886d72_JaffaCakes118
.exe windows:4 windows x86 arch:x86

03df7e897f25f00a9b5f2a80ccf93e27

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetStockObject
CreateSolidBrush
GetObjectA
SaveDC
GetPixel
SetMapMode
SelectPalette

user32

CharNextA
TranslateMessage
GetDesktopWindow
GetParent

kernel32

SetCurrentDirectoryA
VirtualAlloc
GetACP
GlobalFindAtomA
VirtualFree
RemoveDirectoryA
GetProcessHeap
GetTickCount
GetCurrentThread

glu32

gluTessCallback

comctl32

InitCommonControls

Sections

.text
Size: 1024B - Virtual size: 910B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sfqkc Ns
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE