17e64f6652e561c98a755ee2d65858c1_JaffaCakes118 | Triage

Sharing

General

Target

17e64f6652e561c98a755ee2d65858c1_JaffaCakes118
Size

191KB
MD5

17e64f6652e561c98a755ee2d65858c1
SHA1

c22c4ee3b7f1d28a12d34dbaceda2d757d92d21d
SHA256

01da3048dab88645c28f89a20f85ecdb9696028be7b05cfd41dfef53b7623dfb
SHA512

788b49a2bc20a91071ff4bd2a4544213996358aa01e48efac73fc2327e67f9cb8625fc9b1b98c2bf1364da75dca2bc635676f3f15b652e6ad63a844a9a782684
SSDEEP

3072:vH8PiU4MMRHR3Sosv17FZa1evY6phG7M9pJ/mCT+CSpGiqAk4ON:vZUDMRxvsvA1QYikM3J/mCTaPq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17e64f6652e561c98a755ee2d65858c1_JaffaCakes118

Files

17e64f6652e561c98a755ee2d65858c1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f28f2c78e8701e99b03cdc33f4d2502a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

user32

FlashWindow
ReleaseCapture
RealGetWindowClassA
EnableWindow
DestroyWindow
ValidateRect
ValidateRgn
ExcludeUpdateRgn
IsWindow
UpdateWindow
InvalidateRgn
SetCapture
IsWindowEnabled
GetCapture
GetUpdateRgn

kernel32

CreateFiber
QueryPerformanceCounter
QueryPerformanceFrequency
GetCommandLineW
LocalAlloc
ResumeThread
GetExitCodeThread
GetSystemDirectoryW
GetCurrentThread
TerminateThread
EnumResourceNamesA
InitializeCriticalSection
LeaveCriticalSection
CreateThread
CreateEventW
SetThreadIdealProcessor
LocalFree
SetThreadPriority
EnterCriticalSection
GetSystemDefaultLangID
MultiByteToWideChar
DeleteCriticalSection
SetEvent
GetCurrentProcess

Sections

.text
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ