a6d7230932d4c561cc1967bed1c2b1b6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6d7230932d4c561cc1967bed1c2b1b6_JaffaCakes118
Size

165KB
MD5

a6d7230932d4c561cc1967bed1c2b1b6
SHA1

47db4562dc794661b312b35440a4a1ec08194275
SHA256

19bd5ef3b2efa54a63725c5621a90ed278c3b3706d10022ad55255e9c3797e4b
SHA512

5d534e6f187701377b70a03be324240d5a2da68d9112379b359816804b30a9f4338efb09b7230e7ea1b2e7a727b5cf9beaca0fe37ee5ec1a97402743b765cd03
SSDEEP

3072:2WdS4UTsNp/bmTgJMg93Cv2QE60QbxfS8/iBKUhQ/Hsyalafbd8ewMzvN:20Se/aTgJv65NH/i8UKH9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6d7230932d4c561cc1967bed1c2b1b6_JaffaCakes118

Files

a6d7230932d4c561cc1967bed1c2b1b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

24b53bdcd9327bf35e02b2fb4703f9ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

IsBadReadPtr
FindResourceW
FreeLibrary
CreateFiberEx
FindClose
GetStringTypeW
CompareStringA
FindNextFileW
GetCurrentProcess
SetThreadAffinityMask
LCMapStringW
GetShortPathNameW
FindFirstFileW
GetLocalTime
EnumResourceNamesW
LocalFree
SetCurrentDirectoryW
LoadResource
SetEnvironmentVariableW
SetErrorMode
SystemTimeToFileTime
SetThreadPriority
GetOEMCP
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalAlloc
LocalFileTimeToFileTime
GetSystemDirectoryW
SearchPathW

user32

ExcludeUpdateRgn
ValidateRect
RealGetWindowClassA
InvalidateRgn
IsWindow
ReleaseCapture
DestroyWindow
EnableWindow
UpdateWindow
FlashWindow
GetCapture
IsWindowEnabled
ValidateRgn
SetCapture
GetUpdateRgn

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ