4c030922a18da7f34116ed6a42b1e075_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c030922a18da7f34116ed6a42b1e075_JaffaCakes118
Size

167KB
MD5

4c030922a18da7f34116ed6a42b1e075
SHA1

964bf96fb81823f02fe531fcfcaefc67f06a6499
SHA256

7d828fca55b0f2e1d047c4e358648d102d9c7683fa8ae1883ac90add7cff452f
SHA512

c553e56ef816112b81212d62c1f74a7e2147d02cd464f1bb6b2c78ac94f13efc58b1e379aaba1f3000bd41f43399ffc371ed7e9c67b1cb93681e51ee0266de15
SSDEEP

3072:0myVBjxX2WZ4o6PRue1cuaV+RZaLiApl1X/PnyCO4LEFqvR4q+Ed6K:0/BjRPZ4VNcup0LFpbCLJFq1D6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c030922a18da7f34116ed6a42b1e075_JaffaCakes118

Files

4c030922a18da7f34116ed6a42b1e075_JaffaCakes118
.exe windows:4 windows x86 arch:x86

feaecf41742b429e64b4a604ac188bcb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ConvertFiberToThread
GetSystemDirectoryW
FileTimeToLocalFileTime
LocalFree
GetOEMCP
IsBadReadPtr
SetErrorMode
FindNextFileW
SetThreadIdealProcessor
SetEnvironmentVariableW
SystemTimeToFileTime
LCMapStringW
FreeLibrary
GetCurrentProcess
EnumResourceNamesW
LocalFileTimeToFileTime
FindResourceW
CompareStringA
LoadResource
RegisterWaitForSingleObject
GetShortPathNameW
LocalAlloc
FindClose
FindFirstFileW
GetLocalTime
GetStringTypeW
FileTimeToSystemTime
SetCurrentDirectoryW
SearchPathW

user32

FlashWindow
SetCapture
ValidateRgn
ExcludeUpdateRgn
GetCapture
ValidateRect
ReleaseCapture
IsWindow
IsWindowEnabled
EnableWindow
UpdateWindow
InvalidateRgn
DestroyWindow
RealGetWindowClassA
GetUpdateRgn

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ