2ac3e9140680f79cad9b91cfe6f1da3c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ac3e9140680f79cad9b91cfe6f1da3c_JaffaCakes118
Size

165KB
MD5

2ac3e9140680f79cad9b91cfe6f1da3c
SHA1

5787822cfbfba64498f49e39b795633d6883892d
SHA256

d6a136b786e77f5b62d71494ffcc839e24c1ba75f60ac0b2a780d70126b1c9b1
SHA512

a1fc37b2e9817c23138e1f5fc583a5f1b799572a3dd37e68aaaf9175f1714a55ef853d534fe4336bbc10e499532539557c08d559ad94b0767337d1dcf65cae4d
SSDEEP

3072:mbXrsqSpnj+LPT139yG4bJgLmlFA8QKMcXAaIagQ33LM:mZ4jEPhNyf+iluZaIaJL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ac3e9140680f79cad9b91cfe6f1da3c_JaffaCakes118

Files

2ac3e9140680f79cad9b91cfe6f1da3c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

432e9db2be2789b7545d2e2478891f70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

kernel32

LocalFree
FindClose
CreateFiberEx
FindResourceW
SetCurrentDirectoryW
LoadResource
FreeLibrary
FileTimeToLocalFileTime
GetCurrentProcess
FindNextFileW
SetThreadAffinityMask
SystemTimeToFileTime
FileTimeToSystemTime
GetSystemDirectoryW
SetErrorMode
LocalAlloc
EnumResourceNamesW
GetStringTypeW
SetThreadPriority
FindFirstFileW
GetLocalTime
LocalFileTimeToFileTime
LCMapStringW
GetOEMCP
IsBadReadPtr
CompareStringA
GetShortPathNameW
SetEnvironmentVariableW
SearchPathW

user32

ValidateRect
ExcludeUpdateRgn
UpdateWindow
IsWindow
DestroyWindow
FlashWindow
InvalidateRgn
ValidateRgn
EnableWindow
ReleaseCapture
SetCapture
RealGetWindowClassA
GetCapture
IsWindowEnabled
GetUpdateRgn

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ