0b948ab45fac0eaaa1f1cda41a5e52c1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b948ab45fac0eaaa1f1cda41a5e52c1_JaffaCakes118
Size

182KB
MD5

0b948ab45fac0eaaa1f1cda41a5e52c1
SHA1

264c575f2e367a73b6966458c4b5309dfbd48083
SHA256

c47001d7249cca6d16d024168a6de743b12f87efe420f1a6cc510f4eb89042b4
SHA512

0314170a5ccf5088173058148942e658ad2c3bb02f25b66ac6b7a552a545efc6fecceade188d4cc6e97dd80b72c4dda3acca4c5809b16853bc54388b3cb7a811
SSDEEP

3072:s5UavFqXPtvbxDbURmOYOMQJPAq8bXAPEhT1AQWCDchDrldTuS6/t:IUaQtTdSMqcxW2cphFr61

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b948ab45fac0eaaa1f1cda41a5e52c1_JaffaCakes118

Files

0b948ab45fac0eaaa1f1cda41a5e52c1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b34a0bc6f4105357b78c28b6289b3db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ValidateRect
ValidateRgn
GetCapture
EnableWindow
InvalidateRgn
ExcludeUpdateRgn
SetCapture
IsWindowEnabled
ReleaseCapture
DestroyWindow
RealGetWindowClassA
FlashWindow
UpdateWindow
IsWindow
GetUpdateRgn

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

kernel32

LCMapStringW
ConvertFiberToThread
FindFirstFileW
GetCurrentProcess
LocalFree
FindResourceW
GetSystemDirectoryW
FileTimeToLocalFileTime
SetThreadIdealProcessor
SetEnvironmentVariableW
LocalFileTimeToFileTime
GetLocalTime
LoadResource
FindClose
SystemTimeToFileTime
GetShortPathNameW
EnumResourceNamesW
GetOEMCP
FileTimeToSystemTime
IsBadReadPtr
RegisterWaitForSingleObject
FreeLibrary
CompareStringA
FindNextFileW
GetStringTypeW
LocalAlloc
SetErrorMode
SetCurrentDirectoryW
SearchPathW

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ