efda8f56dde580baf557d53df023e97d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efda8f56dde580baf557d53df023e97d_JaffaCakes118
Size

134KB
MD5

efda8f56dde580baf557d53df023e97d
SHA1

add0c0d02fb5b1faeb96a83b235eb4291c4b9873
SHA256

2b7d110765708792230959d7cfb870a17b78d6f115400f46dd1b22b236f16691
SHA512

cc3f80215acd22f6a3576b2e8e1344e3c17b84272c1edde073f7ad8d245ee282d6abd8ebe8e839362aa30ff5bac93187bf8ebdabe4eeb8ee6a7ac0c55fd058f2
SSDEEP

3072:JZnY2Mgo5ISq0OKkO5EvQibsiuxuT6bMAwbXRTTUcfU7JdCIWNVNZ5IXj8a:JZYAOkWE9bsvuTwORSOICjc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efda8f56dde580baf557d53df023e97d_JaffaCakes118

Files

efda8f56dde580baf557d53df023e97d_JaffaCakes118
.exe .pdf windows:4 windows x86 arch:x86 polyglot

5989807cb548b1f329602c9c58d16802

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
SetFileAttributesA
SetPriorityClass
GetCurrentProcess
GetLastError
CreateProcessA
GetShortPathNameA
GetEnvironmentVariableA
GetModuleFileNameA
CloseHandle
TerminateProcess
OpenProcess
lstrcpyA
GetProcAddress
GetModuleHandleA
WriteFile
ReadFile
SetFilePointer
CreateFileA
Sleep
GetStringTypeA
LCMapStringW
RtlUnwind
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
SetStdHandle
FlushFileBuffers
MultiByteToWideChar
LCMapStringA
GetStringTypeW

shell32

ShellExecuteA

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE