efd0594e57de6bc29352cb13d1110725_JaffaCakes118 | Triage

Sharing

General

Target

efd0594e57de6bc29352cb13d1110725_JaffaCakes118
Size

232KB
MD5

efd0594e57de6bc29352cb13d1110725
SHA1

a2f739b0e7e843f5658e0c56cbfd0075f2cc6e1f
SHA256

920c58733b3c0698452b147e36a596d93afa0b155b26600b9d880f1daaa5d7c8
SHA512

df3f74ec9bf773e117a829f73b0174ab1d66f804ba23fcf68d2e1ba90ae181c6fb1050214c50183e1336c04ef67da251b3903b31b88f9d8be595439657222a11
SSDEEP

1536:CMl1aT/oOsUX3JpPHWSLTbDqsiNKfYSMIV8ZvDMl1aT/oOsU:CZnsUrJjqWWPnsU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efd0594e57de6bc29352cb13d1110725_JaffaCakes118

Files

efd0594e57de6bc29352cb13d1110725_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ