beafce848d41cac7665b6bc0653200ba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

beafce848d41cac7665b6bc0653200ba_JaffaCakes118
Size

179KB
MD5

beafce848d41cac7665b6bc0653200ba
SHA1

8a4639c15de54c9e7ba863bb12a4cf56009bd997
SHA256

b089c9c628a6380e9a1954d1d06f9ca1fc49ab0590a73a4b8e371648d815d4e2
SHA512

866bb4eeea26915777df32d4d4067518b3da0ac795142c189ef685af7ceaddf65f8344279b9262edb59fe73250aac92bf87ee4d0b98611139c4017a05b2a9823
SSDEEP

3072:j4ZoAy2OXdAVi/yqP+9Yap5dzRE5QtRrzh2y/Gbr9Fkms9eX6:MittAVo7m93dz+QtRgkG2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
beafce848d41cac7665b6bc0653200ba_JaffaCakes118

Files

beafce848d41cac7665b6bc0653200ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

613825db7829a2069be1716acb8fa276

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SetCapture
ReleaseCapture
ExcludeUpdateRgn
FlashWindow
IsWindowEnabled
ValidateRect
InvalidateRgn
GetCapture
ValidateRgn
RealGetWindowClassA
UpdateWindow
DestroyWindow
EnableWindow
IsWindow
GetUpdateRgn

kernel32

GetStringTypeW
CreateFiberEx
FindClose
FileTimeToLocalFileTime
CompareStringA
IsBadReadPtr
LocalFree
SetThreadAffinityMask
SetEnvironmentVariableW
LocalFileTimeToFileTime
GetShortPathNameW
FindNextFileW
LCMapStringW
FindResourceW
GetOEMCP
GetSystemDirectoryW
EnumResourceNamesW
LoadResource
FreeLibrary
SetThreadPriority
SetErrorMode
FileTimeToSystemTime
GetCurrentProcess
SystemTimeToFileTime
SetCurrentDirectoryW
FindFirstFileW
LocalAlloc
GetLocalTime
SearchPathW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ