0396a342669a9afaa1f6725d6534827c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0396a342669a9afaa1f6725d6534827c_JaffaCakes118
Size

176KB
MD5

0396a342669a9afaa1f6725d6534827c
SHA1

583b6a5275c90d7a787d4227ff6d58f91c268334
SHA256

cf4cc417e983765fd4f49ab70df2c89d08e287b7cc05a7d0ff0e0fdc67d2719b
SHA512

5547ce10de28e15341b2a9655d535e74ec75b5ffc5852ff1d6fe7952747bfcac4eed4368a4aa9ae775696a815e34b70cee41aa2bc11ed1257c39ce785d5ff565
SSDEEP

3072:cXz80qQJ72UBodRE5Cz4h4azhspPb91aBXBd+I+MJDdTUhedoaEhlHKYP790T:cDDqQJVmu5Cz4hF1YkRd+I+Mb0edbAqt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0396a342669a9afaa1f6725d6534827c_JaffaCakes118

Files

0396a342669a9afaa1f6725d6534827c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

06d46089c800f1de36a30175e39d4560

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLocalTime
FileTimeToSystemTime
CreateFiberEx
LoadResource
GetCurrentProcess
LocalAlloc
GetStringTypeW
CompareStringA
FileTimeToLocalFileTime
SetThreadAffinityMask
LocalFileTimeToFileTime
FindNextFileW
SetErrorMode
FreeLibrary
GetSystemDirectoryW
EnumResourceNamesW
SetEnvironmentVariableW
LCMapStringW
GetShortPathNameW
FindResourceW
SetThreadPriority
SystemTimeToFileTime
SetCurrentDirectoryW
FindClose
GetOEMCP
FindFirstFileW
LocalFree
IsBadReadPtr
SearchPathW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

user32

ValidateRgn
EnableWindow
ReleaseCapture
InvalidateRgn
ExcludeUpdateRgn
ValidateRect
RealGetWindowClassA
IsWindow
IsWindowEnabled
GetCapture
FlashWindow
DestroyWindow
UpdateWindow
SetCapture
GetUpdateRgn

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ