efed2fce964202a867a2a239e255a80d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efed2fce964202a867a2a239e255a80d_JaffaCakes118
Size

50KB
MD5

efed2fce964202a867a2a239e255a80d
SHA1

a35cdbbd473f307d8df27de09caaaa2b132b4c91
SHA256

497400237f7d07733c6d3154d919171dc51826dc1041e7ebb7e48c0ab251806c
SHA512

3544c82df16c05cfd24de989139be2c976e89a740bc24ef6e1f99b597ccaf777806333bf3724aa1f4e6e29cb8feb8d62be1684c8f5f2aad11ed32fcc100ef2b4
SSDEEP

768:11O9rdLeyBnIOdEett7MBtYD+jVQg63NmpqgJwKIW199Q7PTqoUDl5:11O9rg8SU7EdREmpqgJXIqQ7WoUDD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efed2fce964202a867a2a239e255a80d_JaffaCakes118

Files

efed2fce964202a867a2a239e255a80d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

95a3b00ae0a37e231da9ae1d2ccef07a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCombineW
PathFileExistsW
PathFindFileNameW
PathMatchSpecW
StrCmpNIW
wnsprintfA
wnsprintfW
wvnsprintfA
wvnsprintfW

user32

CharLowerBuffA
CharUpperW
CloseWindowStation
EndDialog
FindWindowExA
GetCursorPos
GetWindowThreadProcessId
LoadCursorA
MsgWaitForMultipleObjects
OpenDesktopA
PeekMessageA
ToUnicode

Sections

.gpof
Size: 40KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zst
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rslsl
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ