bc891d10f80c2fa52ceae136045a1a5c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc891d10f80c2fa52ceae136045a1a5c_JaffaCakes118
Size

181KB
MD5

bc891d10f80c2fa52ceae136045a1a5c
SHA1

5975c114282d810ef400279b845624432feba285
SHA256

1b9ddfd603b4022c8dd47fcd7e6e6c3bd7723221a6ac874cab747ae45f338b82
SHA512

c50ab75c6d368ca149fe2c37e3c39f338d8c462162a24da57dbf51547877d5b83ad8fdca9fcc56ce70611156acce10d942910abe1ee6bc7b39cb92d099f17f08
SSDEEP

3072:Kwb+jpS4we2hVmqbn/UAn446MlSc7hnTl1UtK0Ta4kz2UJZdvH5eXup9A8:KB1Rw/mqbn/pZZT4MTBQup9b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc891d10f80c2fa52ceae136045a1a5c_JaffaCakes118

Files

bc891d10f80c2fa52ceae136045a1a5c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e265895e7ac85f3c094d525bb2b7186f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetOEMCP
FreeLibrary
LocalAlloc
ConvertFiberToThread
LoadResource
LCMapStringW
CompareStringA
SetErrorMode
IsBadReadPtr
SetThreadIdealProcessor
FindClose
FindFirstFileW
GetStringTypeW
FileTimeToSystemTime
EnumResourceNamesW
SetEnvironmentVariableW
FileTimeToLocalFileTime
RegisterWaitForSingleObject
LocalFree
GetLocalTime
GetSystemDirectoryW
LocalFileTimeToFileTime
GetShortPathNameW
FindResourceW
SetCurrentDirectoryW
FindNextFileW
SystemTimeToFileTime
GetCurrentProcess
SearchPathW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

user32

InvalidateRgn
RealGetWindowClassA
ValidateRect
ReleaseCapture
IsWindow
UpdateWindow
ValidateRgn
SetCapture
DestroyWindow
GetCapture
IsWindowEnabled
ExcludeUpdateRgn
EnableWindow
FlashWindow
GetUpdateRgn

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ