35a4098d3d6a488e27e0db46368ed093_JaffaCakes118 | Triage

Sharing

General

Target

35a4098d3d6a488e27e0db46368ed093_JaffaCakes118
Size

172KB
MD5

35a4098d3d6a488e27e0db46368ed093
SHA1

841f174b3af5a3262d33fdf39bd56cb8eb49daf1
SHA256

acb4753938a9bdb1df97155fb9d97dd78980e0c175ca8900308a43f3856f4362
SHA512

05cc72003b85340f58e3a5677cb7ba2cbee260773d9eeb958ba246c27f5a0545040ac1eaaa3b9718b68a1a7654437a3dff987f407ab35f704573a69efe98c3c9
SSDEEP

3072:stEtrCMnFxGWDasHyjj4O+POqhELMjtfd+MU3MTiVaqHNtS02pUpi:str0zDasH4j4zh2cV+GqH3SjA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35a4098d3d6a488e27e0db46368ed093_JaffaCakes118

Files

35a4098d3d6a488e27e0db46368ed093_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f285008bfc8de60452b905c5fedc7a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ValidateRgn
ReleaseCapture
InvalidateRgn
GetCapture
DestroyWindow
RealGetWindowClassA
ValidateRect
FlashWindow
IsWindowEnabled
EnableWindow
ExcludeUpdateRgn
IsWindow
UpdateWindow
SetCapture
GetUpdateRgn

kernel32

LocalAlloc
SystemTimeToFileTime
GetSystemDirectoryW
CreateFiberEx
LocalFileTimeToFileTime
CompareStringA
GetLocalTime
GetShortPathNameW
SetThreadAffinityMask
GetCurrentProcess
SetErrorMode
FindNextFileW
FindResourceW
EnumResourceNamesW
GetStringTypeW
FreeLibrary
FileTimeToLocalFileTime
SetThreadPriority
LoadResource
SetEnvironmentVariableW
LCMapStringW
FindClose
GetOEMCP
SetCurrentDirectoryW
IsBadReadPtr
LocalFree
FileTimeToSystemTime
FindFirstFileW
SearchPathW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ