efad4cab76cda10aeed867795480bd1b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efad4cab76cda10aeed867795480bd1b_JaffaCakes118
Size

148KB
MD5

efad4cab76cda10aeed867795480bd1b
SHA1

f13c122e9d53c56e7f7b93c6c7f107dd66abf3c9
SHA256

f2906c4ec95bf99b38999dbf3384cfb1c9b506054ef1688d23e2c4ab2b542228
SHA512

b486d6caa2f6d4863ff9fc44136ee78d74a8be9ad27724f1ecbe753aa33f59a128976a0a156baba926bd79681cf978ae0d3b45cda8ccd8329bcff96fcdae3b79
SSDEEP

1536:FZutrtbwZya5qVnHNI8WY0/Y36GvzJ9u/yZcsruSA8XuuKsjQM9NjQd5:F8trtboBkZHMY0CBJXuNgQq2z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efad4cab76cda10aeed867795480bd1b_JaffaCakes118

Files

efad4cab76cda10aeed867795480bd1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

16e670c11489f67fda7065af95023619

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
VirtualAlloc
GetStartupInfoA
GetVersion
VirtualFree
lstrcmpiA
lstrlenA
GetModuleHandleA

gdi32

CreateFontIndirectA
SetBkMode
SelectObject
CreatePalette
SaveDC

user32

CharNextA
GetDesktopWindow
DispatchMessageA
TranslateMessage
GetDC
GetSystemMetrics

glu32

gluTessCallback

comctl32

InitCommonControls

Sections

.text
Size: 1024B - Virtual size: 813B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Opbrssnv
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ