213faa1dd27aa4e7b0449637f8d63ba1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

213faa1dd27aa4e7b0449637f8d63ba1_JaffaCakes118
Size

156KB
MD5

213faa1dd27aa4e7b0449637f8d63ba1
SHA1

67696750ce63919f46a7fad196a4d847788f466a
SHA256

18b4dc236ffacdfe07619566e3591fa1d38bed3c8dc0f3dc8f84f6dd4623f069
SHA512

05bf17f23baa8cd818192cd46f9804dd1eea5cba569921259e9ef6902205f6f4a0807869e1985c1a5ffc13dc736c4d676fd7eb2ad3b3547b7539e6af4c12e2ae
SSDEEP

3072:Klskuk82jR2j62csvKGfhjStSnfEiqVBva36nDxpRsaA4yK9vBy5W+:KlPxFjMj3KGxSknfEvVlaq5saEK95b+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
213faa1dd27aa4e7b0449637f8d63ba1_JaffaCakes118

Files

213faa1dd27aa4e7b0449637f8d63ba1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

165ae84421c1da663c96fe10ef631505

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ValidateRect
IsWindowEnabled
GetCapture
DestroyWindow
EnableWindow
ReleaseCapture
InvalidateRgn
RealGetWindowClassA
UpdateWindow
ValidateRgn
FlashWindow
ExcludeUpdateRgn
IsWindow
SetCapture
GetUpdateRgn

kernel32

GetSystemDirectoryW
GetShortPathNameW
ConvertFiberToThread
GetStringTypeW
LoadResource
LocalFileTimeToFileTime
SetThreadIdealProcessor
SetEnvironmentVariableW
FindNextFileW
IsBadReadPtr
FindFirstFileW
GetOEMCP
FindClose
LocalAlloc
GetCurrentProcess
LCMapStringW
EnumResourceNamesW
SetErrorMode
SystemTimeToFileTime
FreeLibrary
RegisterWaitForSingleObject
FindResourceW
GetLocalTime
FileTimeToSystemTime
SetCurrentDirectoryW
CompareStringA
FileTimeToLocalFileTime
LocalFree
SearchPathW

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ