20eaa41562c1db593ba90024183eee91_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20eaa41562c1db593ba90024183eee91_JaffaCakes118
Size

181KB
MD5

20eaa41562c1db593ba90024183eee91
SHA1

34d52d03bfa76b6bac74ae66fb4723edd44274c8
SHA256

9217195cbc932bb55c0ef434912ae8250ae3e18ac76a1d3ed0f79dddd6510fa2
SHA512

5d17b22b83f2659867b19379b8ce30a9546dbe68329ae3df8cf374431305e55f598e6b96282bf867a0560ef53b6f1b60996f66ad2ee6bdd97a4d92bd8667f4ef
SSDEEP

3072:qQDVNrxqGNbJLvAGCLYYYWLK6tYKtODk96Z4G0HteoaVPic422JL6dw4FJSlzB3:frkqJcAYBftzOE64G0Hko0qcE6+2StB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20eaa41562c1db593ba90024183eee91_JaffaCakes118

Files

20eaa41562c1db593ba90024183eee91_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b9a441e841f5e586d6ce4147e92cdd8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ExcludeUpdateRgn
ValidateRgn
IsWindow
RealGetWindowClassA
UpdateWindow
ValidateRect
ReleaseCapture
DestroyWindow
IsWindowEnabled
EnableWindow
FlashWindow
InvalidateRgn
SetCapture
GetCapture
GetUpdateRgn

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

kernel32

FileTimeToSystemTime
CreateFiberEx
FindResourceW
LCMapStringW
LocalAlloc
SetErrorMode
LocalFree
SetCurrentDirectoryW
GetShortPathNameW
SetThreadAffinityMask
GetSystemDirectoryW
SetEnvironmentVariableW
GetLocalTime
GetCurrentProcess
GetStringTypeW
FindNextFileW
EnumResourceNamesW
LocalFileTimeToFileTime
FindClose
SetThreadPriority
CompareStringA
IsBadReadPtr
FreeLibrary
SystemTimeToFileTime
LoadResource
FindFirstFileW
GetOEMCP
FileTimeToLocalFileTime
SearchPathW

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ