1476b07a98cff43682511db1d671379f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1476b07a98cff43682511db1d671379f_JaffaCakes118
Size

176KB
MD5

1476b07a98cff43682511db1d671379f
SHA1

27e302bc3129ddd85b5c3280ec0cac80e94c66a8
SHA256

dd5a5c967aa3c23668df05d46475dc0e18f1115ca74c31df307e4f1f1f89d4af
SHA512

1b1689eb7eec7dc10a2cafc011f784493e52e2089853843b482bb5293d59cdd3c238eb8249f2e9e293627005fe4a12d2a6b3adb92c01f4247068e136faf338e8
SSDEEP

3072:EqCYL/4CArxrZbJ2BCx9E5eZI/LjJIt2EOObzHeWfS9obD3147m3BvUPw0cMddGR:EtYkCe9ZbJFxieZIjlo2ERHeX9obymxv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1476b07a98cff43682511db1d671379f_JaffaCakes118

Files

1476b07a98cff43682511db1d671379f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

69dabe68f278e79404b6fef8132c12cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

FlashWindow
GetCapture
UpdateWindow
IsWindowEnabled
IsWindow
EnableWindow
DestroyWindow
InvalidateRgn
ValidateRgn
ExcludeUpdateRgn
ReleaseCapture
ValidateRect
RealGetWindowClassA
SetCapture
GetUpdateRgn

kernel32

FileTimeToLocalFileTime
FindClose
LocalFileTimeToFileTime
LocalFree
CreateFiberEx
LocalAlloc
GetSystemDirectoryW
SetThreadAffinityMask
FindNextFileW
SetErrorMode
LCMapStringW
GetShortPathNameW
EnumResourceNamesW
GetOEMCP
FreeLibrary
SetEnvironmentVariableW
IsBadReadPtr
FindFirstFileW
FileTimeToSystemTime
CompareStringA
LoadResource
SetThreadPriority
GetStringTypeW
FindResourceW
SetCurrentDirectoryW
SystemTimeToFileTime
GetCurrentProcess
GetLocalTime
SearchPathW

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ