75042daa2c54b1004a5f624b1e485b46_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75042daa2c54b1004a5f624b1e485b46_JaffaCakes118
Size

171KB
MD5

75042daa2c54b1004a5f624b1e485b46
SHA1

2e2db9f6edcc9094c8fab20d03e62f21baffd820
SHA256

40de205a11ede38eacca03b2ace991b49fefd95e68d9f42ff79cd6bfd1be7680
SHA512

7de05f31e17a63dd76453161be3eeb54671e7cb9b331b98d6a0cd773323c123ec45afe8decc1f270bdf0158c5b93a050310b2c6ce7caa9170f94808ca2a287e8
SSDEEP

3072:IB7JfUeHhXtalrvxEberZvEZ4DTPiAMfaNAETNglnUYF627Y:I9JfUeHhXASyNcZo/6GNgl0E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75042daa2c54b1004a5f624b1e485b46_JaffaCakes118

Files

75042daa2c54b1004a5f624b1e485b46_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9822e319a0beabc65b11ae46bd924685

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetOEMCP
LoadResource
ConvertFiberToThread
LocalFileTimeToFileTime
SetCurrentDirectoryW
LocalAlloc
FindResourceW
SetThreadIdealProcessor
GetShortPathNameW
SetErrorMode
FindFirstFileW
LCMapStringW
SetEnvironmentVariableW
LocalFree
FreeLibrary
GetCurrentProcess
EnumResourceNamesW
SystemTimeToFileTime
IsBadReadPtr
GetStringTypeW
RegisterWaitForSingleObject
FileTimeToSystemTime
FindClose
CompareStringA
GetSystemDirectoryW
FileTimeToLocalFileTime
GetLocalTime
FindNextFileW
SearchPathW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

user32

ReleaseCapture
EnableWindow
GetCapture
InvalidateRgn
IsWindowEnabled
DestroyWindow
UpdateWindow
RealGetWindowClassA
SetCapture
ValidateRgn
FlashWindow
IsWindow
ExcludeUpdateRgn
ValidateRect
GetUpdateRgn

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ