a9f959730fa0a97033d82bbf45e54f97_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a9f959730fa0a97033d82bbf45e54f97_JaffaCakes118
Size

176KB
MD5

a9f959730fa0a97033d82bbf45e54f97
SHA1

adba59df787bfcbacb0a0ba845c788b99e14c4cb
SHA256

49118a1ba81956aed9609ac1fb90a8d6639de4e7214ae50250fde398e8ca60b2
SHA512

69fe0d249b6d2127845784efd85940460630a590c114993a944000efcd3cd29104bc6dc2acc242b94d33fecd7f186e81789443db5ac6011943121f591c19ae4c
SSDEEP

3072:cXz80qQJ72UBodRE5Cz4h4azhspPb91aBXBd+I+MJDdTUhedoaEhlHKYP790T:cDDqQJVmu5Cz4hF1YkRd+I+Mb0edbAqt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9f959730fa0a97033d82bbf45e54f97_JaffaCakes118

Files

a9f959730fa0a97033d82bbf45e54f97_JaffaCakes118
.exe windows:4 windows x86 arch:x86

06d46089c800f1de36a30175e39d4560

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLocalTime
FileTimeToSystemTime
CreateFiberEx
LoadResource
GetCurrentProcess
LocalAlloc
GetStringTypeW
CompareStringA
FileTimeToLocalFileTime
SetThreadAffinityMask
LocalFileTimeToFileTime
FindNextFileW
SetErrorMode
FreeLibrary
GetSystemDirectoryW
EnumResourceNamesW
SetEnvironmentVariableW
LCMapStringW
GetShortPathNameW
FindResourceW
SetThreadPriority
SystemTimeToFileTime
SetCurrentDirectoryW
FindClose
GetOEMCP
FindFirstFileW
LocalFree
IsBadReadPtr
SearchPathW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

user32

ValidateRgn
EnableWindow
ReleaseCapture
InvalidateRgn
ExcludeUpdateRgn
ValidateRect
RealGetWindowClassA
IsWindow
IsWindowEnabled
GetCapture
FlashWindow
DestroyWindow
UpdateWindow
SetCapture
GetUpdateRgn

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ