Static task
static1
Behavioral task
behavioral1
Sample
96d6c6e49fbf10fd946b9800c3ff2ecf_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
96d6c6e49fbf10fd946b9800c3ff2ecf_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
96d6c6e49fbf10fd946b9800c3ff2ecf_JaffaCakes118
Size
180KB
MD5
96d6c6e49fbf10fd946b9800c3ff2ecf
SHA1
77c987b9d597a7a1b82d31ef1a1c0c6dbb9443f8
SHA256
7776adf222128ee27501d53e3ffebc1c39801760759ed46b820a95faf1bc2b91
SHA512
b5825164708c0eccd50b47b27b4bd2aa3283459ed0f54adb442be1425ccc1aff5145bbe45ae22efeb9df93763c29bef7881a535f9028c16da1c3bd4c9ac7ac40
SSDEEP
3072:UeBoSi47wfO3SPRZ8JCU7Zv2HVfs7gaEG0crzdWtApcOwLbrFlKHH7j2VdLcIAjH:1iKwQM8bxK2gapzgmpcOwLbrFlKfK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 96d6c6e49fbf10fd946b9800c3ff2ecf_JaffaCakes118
Files
96d6c6e49fbf10fd946b9800c3ff2ecf_JaffaCakes118.exe windows:4 windows x86 arch:x86
23569eb4dc7aae4071849ded70f7e4b6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mprapi
MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName
rpcrt4
NdrFixedArrayFree
UuidCreate
shlwapi
PathFileExistsW
advapi32
RegOpenKeyA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
kernel32
VirtualAllocEx
WideCharToMultiByte
RaiseException
MultiByteToWideChar
EnumResourceNamesW
LocalAlloc
GetSystemTimeAsFileTime
CreateProcessA
lstrlenA
OpenWaitableTimerW
InterlockedExchange
Sections
.text Size: 106KB - Virtual size: 105KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 908B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 71KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 260KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ