efe0a117d53c2a7e19bd7616f2a2ba88_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efe0a117d53c2a7e19bd7616f2a2ba88_JaffaCakes118
Size

140KB
MD5

efe0a117d53c2a7e19bd7616f2a2ba88
SHA1

5aee897adc6dc848cc8e2c0728652e06dfd176b1
SHA256

f423dd7468c09620ce9269d0a8e7132bf09a67f71a6114d4cd1650c94558c32b
SHA512

ce6492c518142e01dd369452e94ecbd9e2326927718e048fb4d180f1a44c89375702145bea783bda815a233d80dfc3b19a3da364447ca0206d1dfadab9fb0692
SSDEEP

3072:cjvzAZ6WAvsc8QeJZLWmdRdzECt9sIkxKLASv3Ns2nThX750RGF:EfG0eJNNdjRI90q2RSRG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efe0a117d53c2a7e19bd7616f2a2ba88_JaffaCakes118

Files

efe0a117d53c2a7e19bd7616f2a2ba88_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b5c8474dc391c035a3e2b8a8a57ccfdf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CreateNamedPipeA
EnumResourceTypesW
GetStringTypeW
WriteConsoleInputW
CancelTimerQueueTimer

user32

MapVirtualKeyW
CheckMenuRadioItem
GetMenuState

gdi32

BitBlt
OffsetClipRgn
CreateFontW
GetCurrentPositionEx
EndPath
StrokePath

advapi32

GetServiceDisplayNameA

Exports

Exports

gtwvpetchi
kwdtwpzvniwsxd
tdydurtx

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ