187245517228691dbbb19d33f045040e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

187245517228691dbbb19d33f045040e_JaffaCakes118
Size

155KB
MD5

187245517228691dbbb19d33f045040e
SHA1

32156f2e226bb5c1fbce31c64e09993ee202e71d
SHA256

5bf2de5d3d9b41a574a5e3cdb8007ad7e2b05724687ae07ab81e6c25fc9a79f9
SHA512

af009439faeb2df48970f617d48c2b0fb0813fc7de2f3e66fcafdc87b79ed6b891513aec90573002fe23fc8229ad6089006de95257fe08a19b8848bba532d590
SSDEEP

3072:tQBNLeZwLW/aV1B2vl4cAyDjMSJfwqCQtqZMWy0ABAsWqcVaSElx5:tqLeZwLW/YB2t4Qf3CQtnwqqBWx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
187245517228691dbbb19d33f045040e_JaffaCakes118

Files

187245517228691dbbb19d33f045040e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f7866b38ab40a0964e212c2683b71aad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SetCapture
ValidateRect
EnableWindow
IsWindow
ExcludeUpdateRgn
IsWindowEnabled
DestroyWindow
ReleaseCapture
UpdateWindow
FlashWindow
ValidateRgn
RealGetWindowClassA
GetCapture
InvalidateRgn
GetUpdateRgn

kernel32

LCMapStringW
FindClose
GetCurrentProcess
ConvertFiberToThread
SetEnvironmentVariableW
FileTimeToLocalFileTime
LocalAlloc
GetStringTypeW
SetThreadIdealProcessor
GetOEMCP
FindFirstFileW
GetSystemDirectoryW
FindResourceW
SetErrorMode
CompareStringA
LocalFileTimeToFileTime
EnumResourceNamesW
RegisterWaitForSingleObject
GetShortPathNameW
GetLocalTime
IsBadReadPtr
FileTimeToSystemTime
FreeLibrary
SystemTimeToFileTime
LocalFree
SetCurrentDirectoryW
LoadResource
FindNextFileW
SearchPathW

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ