efdc4af8f4be92cc9ebaee11d6b48446_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efdc4af8f4be92cc9ebaee11d6b48446_JaffaCakes118
Size

154KB
MD5

efdc4af8f4be92cc9ebaee11d6b48446
SHA1

a5fca82706c17075cae998d657f0130730dc4686
SHA256

6fbc34d0f2d7bca5e464c31aefed44eb2c5977c7e38edfd2e370d0f818dd56c9
SHA512

ceb11002492d51be5dbe4ba4eea04f5d0f7eff8b3a3d78b7c2108871af2b9ba41bb4c24f22bb806ceb9505d5721bbdda9a5f22db7da4528eab21951eca8eadf8
SSDEEP

3072:xjb0I78PhuHi7yOHqjMuk6d4+oxOZrc9/mF39FRZNglTowicg3CXC+Nmhy:9hkAiuwfEdox2rKmr7ZmZicg3CXPN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efdc4af8f4be92cc9ebaee11d6b48446_JaffaCakes118

Files

efdc4af8f4be92cc9ebaee11d6b48446_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c38ac97efccd1e501aaa2bfd88cc6a29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
GetProfileIntA
GetModuleHandleA
GetStdHandle
GetCommandLineA
WaitForMultipleObjects
CompareFileTime
CloseHandle
VirtualProtect
HeapReAlloc
GlobalUnlock
GetTickCount
InterlockedExchange
GetConsoleCP
SuspendThread
GetVersion
AddAtomA
WaitForSingleObject
GetSystemDefaultLangID
LoadLibraryExW
lstrlenA

user32

InvertRect
CopyImage
GetKeyboardLayout
DialogBoxParamA
SetPropA
CreateMenu
CopyRect
MessageBoxA
DestroyMenu
DispatchMessageA
IsDialogMessage
DragObject
SetWindowPos
CreateCursor
CreateIcon
CreateCaret
SetScrollInfo
GetDlgItem
EnableScrollBar
FindWindowA
GetKeyState
GetCursorInfo
InsertMenuA
DrawCaption

advapi32

RegQueryInfoKeyA
RegEnumValueA
RegCreateKeyExA
RegEnumKeyA
RegCloseKey

apphelp

GetPermLayers

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ