efd1a2c3b9d3efac66986aaaa4f0b273_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efd1a2c3b9d3efac66986aaaa4f0b273_JaffaCakes118
Size

329KB
MD5

efd1a2c3b9d3efac66986aaaa4f0b273
SHA1

e6aba6356946a0cf833881847f4041d28c8acaf0
SHA256

cd07fa32a403b0784af31aaa46054ce5c74ca61152ddb78c4f4b5f6efa1f8c1b
SHA512

3ff3a9b26bedbc2d07f2ed13aaa58f64f847c6a45f7ff2b9b7e74e77423a5cc84fb0627a713c97aa9cf9d7804e039872a07b8ec29ea152de0844c47a1b4d5578
SSDEEP

6144:MUeXcyCsGlLYA0WbPoc+Cmjinjwf6JoA/DL3hu55rbL3gnU:MU4BC/ixWsc/mjinju2owLR85XL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efd1a2c3b9d3efac66986aaaa4f0b273_JaffaCakes118

Files

efd1a2c3b9d3efac66986aaaa4f0b273_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9baf6b2879ec5d3aa4174d2c43136190

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

WaitForInputIdle

gdi32

SelectClipRgn

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

OleUninitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

recvfrom

comdlg32

GetFileTitleA

Sections

.text
Size: 319KB - Virtual size: 952KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tianwai
Size: 128B - Virtual size: 128B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE