432c4a3bba836e0cb24dceeb690111df_JaffaCakes118 | Triage

Sharing

General

Target

432c4a3bba836e0cb24dceeb690111df_JaffaCakes118
Size

175KB
MD5

432c4a3bba836e0cb24dceeb690111df
SHA1

446d4eee09b01db02d6e809238fbdba48ba976e7
SHA256

48deb797a341d1529a68fc7ea72913f3e3f6e6d3922441bf3818103c3a243806
SHA512

c27068db75b36b5cef6e9aac3ea46011b52687f86400ef5e2b0b10a3559725db56e61970f06a6ff7f6bfbfd3e39895cccd13103140f400d74b4410766a74fae9
SSDEEP

3072:btHV27kYrdT6b5o39L/djK0DJJPXBdb8KAcs8aOX2tEEEjemiGHN1CmhQXXVF:5HO0bWLl20vPRZ8trOGqv6mjXry

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
432c4a3bba836e0cb24dceeb690111df_JaffaCakes118

Files

432c4a3bba836e0cb24dceeb690111df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a0de4362e09e50b7dc542dd6acd3335

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ExcludeUpdateRgn
IsWindow
ValidateRgn
FlashWindow
InvalidateRgn
RealGetWindowClassA
UpdateWindow
ReleaseCapture
IsWindowEnabled
DestroyWindow
GetCapture
ValidateRect
SetCapture
EnableWindow
GetUpdateRgn

kernel32

ConvertFiberToThread
FileTimeToLocalFileTime
GetLocalTime
GetSystemDirectoryW
GetStringTypeW
FindResourceW
SetErrorMode
GetOEMCP
SetThreadIdealProcessor
FindClose
FreeLibrary
CompareStringA
FindFirstFileW
GetCurrentProcess
LocalFree
EnumResourceNamesW
LocalAlloc
LoadResource
SetEnvironmentVariableW
FindNextFileW
RegisterWaitForSingleObject
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
GetShortPathNameW
LCMapStringW
SetCurrentDirectoryW
IsBadReadPtr
SearchPathW

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ