a933c8a4fb6392f2ee4352ae78a3b185_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a933c8a4fb6392f2ee4352ae78a3b185_JaffaCakes118
Size

176KB
MD5

a933c8a4fb6392f2ee4352ae78a3b185
SHA1

e32c954912cc214cf4183fc8519ee28c7faa1f56
SHA256

687df58c8f840e74aad0d1ba96f06059b3a954b80d950836bce7560f497458e2
SHA512

ed75eb1280e6cbc43f1a085e4ffb88ac25308e21bb576cfcb677431f3235535ec1934a41e7eea3742b0b50d50ce31cac9ddc0065e341b4961bad11e2da364c39
SSDEEP

3072:jq/SkinbIdukLyHszIS3dKFHALnFTYBYQg9Zkg/DCQ/8g0c2aW1b7BZ2RQQOOWUo:jq/SLbI0kLy4I+dK8ZDkg/D9Ug/W1D69

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a933c8a4fb6392f2ee4352ae78a3b185_JaffaCakes118

Files

a933c8a4fb6392f2ee4352ae78a3b185_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf1aae90b9c1dae0c49eff3f6df538d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetCapture
FlashWindow
DestroyWindow
IsWindowEnabled
UpdateWindow
InvalidateRgn
EnableWindow
ValidateRect
IsWindow
ReleaseCapture
RealGetWindowClassA
ExcludeUpdateRgn
SetCapture
ValidateRgn
GetUpdateRgn

kernel32

CreateFiberEx
FindFirstFileW
LCMapStringW
LocalFileTimeToFileTime
LocalAlloc
GetSystemDirectoryW
SetThreadAffinityMask
FileTimeToSystemTime
FindNextFileW
SetCurrentDirectoryW
GetLocalTime
CompareStringA
FreeLibrary
IsBadReadPtr
SystemTimeToFileTime
EnumResourceNamesW
FileTimeToLocalFileTime
SetThreadPriority
GetOEMCP
SetEnvironmentVariableW
SetErrorMode
GetStringTypeW
FindResourceW
GetCurrentProcess
FindClose
GetShortPathNameW
LocalFree
LoadResource
SearchPathW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ