72ffb9f09caf659ce4fa3d9831f5b701_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72ffb9f09caf659ce4fa3d9831f5b701_JaffaCakes118
Size

164KB
MD5

72ffb9f09caf659ce4fa3d9831f5b701
SHA1

0ca674d848ae3d13237efcf0e6c4e9bec20e4d7b
SHA256

477da07c28967a99756a3e342ce8545898eda38a4d901494ff3d7439f689a171
SHA512

959ba70f971185571d1162319063ae2c310c403943129808a11e7a43abab9f78ac657d543b1de1c16ebfca61ec25cd8624a6d537880a0d0d360feb51ba85f3e2
SSDEEP

3072:uPcrA5c7geYJfmKJ26oYiwqPBWCRbOiyT7QtiPN/uVSmYfDIwN7y6mZCEfjqzou:u2v7gbJOKJBoYHqPBWC0rQtiPYjMD5JT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72ffb9f09caf659ce4fa3d9831f5b701_JaffaCakes118

Files

72ffb9f09caf659ce4fa3d9831f5b701_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f82e3c88e8bf242ff6f3b23f0a174a3e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

user32

IsWindow
ReleaseCapture
DestroyWindow
UpdateWindow
ValidateRect
SetCapture
RealGetWindowClassA
IsWindowEnabled
ExcludeUpdateRgn
FlashWindow
GetCapture
EnableWindow
InvalidateRgn
ValidateRgn
GetUpdateRgn

kernel32

FreeLibrary
SetEnvironmentVariableW
LocalFree
CreateFiberEx
LCMapStringW
GetCurrentProcess
SetCurrentDirectoryW
SetThreadAffinityMask
GetOEMCP
LocalFileTimeToFileTime
CompareStringA
FileTimeToSystemTime
EnumResourceNamesW
GetLocalTime
LocalAlloc
SetErrorMode
SystemTimeToFileTime
FindClose
GetSystemDirectoryW
SetThreadPriority
FindResourceW
IsBadReadPtr
FindNextFileW
GetShortPathNameW
FindFirstFileW
FileTimeToLocalFileTime
GetStringTypeW
LoadResource
SearchPathW

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ