efec452e9b71381f7910a73df09e0219_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efec452e9b71381f7910a73df09e0219_JaffaCakes118
Size

25KB
MD5

efec452e9b71381f7910a73df09e0219
SHA1

fa5f1d89b2faa753c4d91764deb5f9984ce2c416
SHA256

d61063d5805ae76a8811b12ce333ec23d712fb504b415b77b8760853fabb1285
SHA512

72d5ca2c84e221bae664b0dc750936d8bbcd7bad9430d42908a654b18967fef64fec43d7b197f9aaf9d8470ecd66371827c1b9ac4a4097e4e966dc77a5b70c5b
SSDEEP

384:yUu/3mo7NCp4zV3ubuXj9bPAXdKjugUbWdu18VuCQk091OZoEWf:y883uzZCdo86DOSh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efec452e9b71381f7910a73df09e0219_JaffaCakes118

Files

efec452e9b71381f7910a73df09e0219_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a135ded6789e662b78a79a4622f15a5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
Sleep
WriteFile
CreateFileA
GetTempPathA
GetWindowsDirectoryA
GetModuleFileNameA
GetSystemDirectoryA
GetStartupInfoA
GetModuleHandleA

user32

MessageBoxA

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_strcmpi

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE