2be243e16459216473318deac5410b24_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2be243e16459216473318deac5410b24_JaffaCakes118
Size

164KB
MD5

2be243e16459216473318deac5410b24
SHA1

dca3cad0f4e37d71f2c290ee339a2ba53a86f1db
SHA256

18836b89080219663df68b61a2d7693cdb21354ec8055e05e2466002d02508ee
SHA512

d5e97b5750c3e0d33d2a16a6ab975aa410c009bf6b0fa98fde8c7274fef1e6ce75963046813ea8a5092b41e48cb7add169fb2a582ee77ea48dd840de197e585e
SSDEEP

3072:HeYkGcPLKhX4MlJPmBVQMMwVTjv6fIBnr2/EJSV6cX6LLq2GgFryJPG:+Y2sonVT/6Q/SV9X6Ls

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2be243e16459216473318deac5410b24_JaffaCakes118

Files

2be243e16459216473318deac5410b24_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc44308f8fe8a408c6afb6dc757db939

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FindResourceW
ConvertFiberToThread
GetCurrentProcess
GetOEMCP
FileTimeToSystemTime
FindClose
FileTimeToLocalFileTime
GetStringTypeW
SetThreadIdealProcessor
FindFirstFileW
GetLocalTime
IsBadReadPtr
FindNextFileW
EnumResourceNamesW
SetCurrentDirectoryW
GetSystemDirectoryW
SetEnvironmentVariableW
GetShortPathNameW
LCMapStringW
LocalFree
RegisterWaitForSingleObject
SystemTimeToFileTime
LocalFileTimeToFileTime
LoadResource
SetErrorMode
LocalAlloc
FreeLibrary
CompareStringA
SearchPathW

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

user32

FlashWindow
EnableWindow
ValidateRgn
IsWindowEnabled
RealGetWindowClassA
IsWindow
ReleaseCapture
UpdateWindow
DestroyWindow
InvalidateRgn
ValidateRect
ExcludeUpdateRgn
GetCapture
SetCapture
GetUpdateRgn

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ