3f0095d2e17df09828f42da2b7377a7c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f0095d2e17df09828f42da2b7377a7c_JaffaCakes118
Size

178KB
MD5

3f0095d2e17df09828f42da2b7377a7c
SHA1

213684c139527e9c16e425b627b977232ba8c138
SHA256

cc8837f3ede0d0a33c466d3b85fa2eb35cffbf9aec4fd8c6301437e8dcc7f0c3
SHA512

25e4ddfbe5f2841aaca60ad3e54e10d43390591c5377b15ce65e9e4c5b8fc41a50fb1cfe882aa109a324da682e9c8015003ecf9a787c897a93f590d7da0521be
SSDEEP

3072:B8PCh614n5S3CT+JdqnW9h8a97qL129m4UfnS4wSIrBtDTCLBj0RErY72uRBWp:Sq0inH6OQlu2E44SV6L6WrmhR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f0095d2e17df09828f42da2b7377a7c_JaffaCakes118

Files

3f0095d2e17df09828f42da2b7377a7c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e4535698206127d55518e55609b6e753

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

user32

EnableWindow
DestroyWindow
FlashWindow
ValidateRect
SetCapture
GetCapture
IsWindowEnabled
ReleaseCapture
UpdateWindow
RealGetWindowClassA
ExcludeUpdateRgn
ValidateRgn
IsWindow
InvalidateRgn
GetUpdateRgn

kernel32

LCMapStringW
LocalFileTimeToFileTime
CreateFiberEx
LocalAlloc
FindFirstFileW
GetLocalTime
FindClose
GetSystemDirectoryW
SetThreadAffinityMask
SetErrorMode
SystemTimeToFileTime
IsBadReadPtr
SetCurrentDirectoryW
FileTimeToSystemTime
LoadResource
FileTimeToLocalFileTime
EnumResourceNamesW
SetThreadPriority
FindNextFileW
FindResourceW
GetOEMCP
GetCurrentProcess
CompareStringA
LocalFree
GetStringTypeW
FreeLibrary
GetShortPathNameW
SetEnvironmentVariableW
SearchPathW

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ