1985611d1819ef6c1eeedd88bc31ebe5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1985611d1819ef6c1eeedd88bc31ebe5_JaffaCakes118
Size

165KB
MD5

1985611d1819ef6c1eeedd88bc31ebe5
SHA1

8a653cb31d8403cb00ea0d3cdda2d1fe8fa20250
SHA256

4a72421e02e7aa08bd585f5dadefd5d905c68d1ad98749c02bc3ea3a4fd79500
SHA512

79413aed997631a1f01587fdfc2ad3e9bd2988b4b16cad43490d47e225e871733e57428dcd9cad766a22c26fb8fba3fb95ca47ca4572375d8d793930c58e84a6
SSDEEP

3072:clWtbd0V4gW7s6L5ag6NOYRW/lnQC+BrVQC/A5jdc8/7VUebmRU4Gxa6RokzQrMb:clWtB0VN6AgkOfX+xaCALNiGxagokzt5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1985611d1819ef6c1eeedd88bc31ebe5_JaffaCakes118

Files

1985611d1819ef6c1eeedd88bc31ebe5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1211ae050006b00961d4d3438cae4636

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetShortPathNameW
SetErrorMode
ConvertFiberToThread
FindResourceW
GetCurrentProcess
FindFirstFileW
FindClose
IsBadReadPtr
GetSystemDirectoryW
FindNextFileW
SetThreadIdealProcessor
FreeLibrary
GetLocalTime
FileTimeToSystemTime
EnumResourceNamesW
LoadResource
SetCurrentDirectoryW
RegisterWaitForSingleObject
LocalFileTimeToFileTime
FileTimeToLocalFileTime
LocalFree
LCMapStringW
GetOEMCP
SystemTimeToFileTime
GetStringTypeW
LocalAlloc
CompareStringA
SetEnvironmentVariableW
SearchPathW

user32

InvalidateRgn
ExcludeUpdateRgn
ValidateRect
EnableWindow
IsWindow
GetCapture
FlashWindow
DestroyWindow
IsWindowEnabled
ValidateRgn
RealGetWindowClassA
ReleaseCapture
UpdateWindow
SetCapture
GetUpdateRgn

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ