35bafa1e32b08cb216210d2c0f63411b_JaffaCakes118 | Triage

Sharing

General

Target

35bafa1e32b08cb216210d2c0f63411b_JaffaCakes118
Size

451KB
MD5

35bafa1e32b08cb216210d2c0f63411b
SHA1

1ed2d6e904053b059af48e2568dfc9572a082e35
SHA256

2f77aa1e053e1b262f324bc47a06072aca77d054ca3ca56cacdbe3e6679a9808
SHA512

1ac3154f6485e2fc0198e9fa9b76027e1f3dd0d5cac971603e5a904b5b29afae30b4d95c773a67346673beef47b150715647e7dde32ba3169b491c9c31a327f9
SSDEEP

12288:EkD0zNmRuYmGLv3SWZiSd4u79MzLPaO8:dDQmsjiPl9mLSO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35bafa1e32b08cb216210d2c0f63411b_JaffaCakes118

Files

35bafa1e32b08cb216210d2c0f63411b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ffe9c28808f15708106a340ba2accaf3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatW
GetConsoleCP
EnumCalendarInfoA
GetCPInfoExA
Module32First
GetPrivateProfileSectionNamesW
GetThreadContext
CreateDirectoryW
GetProcAddress
VirtualAlloc
GetCPInfoExW
OpenThread
CompareStringW

msvcrt

exit
free
_wspawnve
_getdrive
__p___initenv
_Strftime
fwrite

mprapi

MprAdminMIBEntryGet
MprConfigTransportGetHandle
MprAdminUserWriteProfFlags
MprAdminGetErrorString
MprAdminConnectionEnum
MprAdminServerConnect
MprConfigGetFriendlyName
MprConfigInterfaceTransportGetHandle
MprAdminBufferFree
MprConfigInterfaceGetInfo

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 5KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 310KB - Virtual size: 508KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ