c159541690c1bc01bf09172a8664ef89_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c159541690c1bc01bf09172a8664ef89_JaffaCakes118
Size

182KB
MD5

c159541690c1bc01bf09172a8664ef89
SHA1

92b9168a07c4ec81e9c8f2302a9735c37efe4192
SHA256

ba72ee578cdbad1ba9860eb8a9cc30548beac884fe41bec2baedcb52f830f73d
SHA512

78f6e313456ab70f3cbe90fb573eb293b2be2fba6cf80783f9b48008eb3d6ab75598d708092e1971f0e5618785a64d56a4ad40b54acbf36896b44304a4b8a694
SSDEEP

3072:igzFDjeemiZcjWrCH1K7mMb5/6u93MhlimyU58N6R6vVZtsx+gqSx96N0i/NruvV:igAemiZ25H1A5iu936sqMvVH4r46ouGz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c159541690c1bc01bf09172a8664ef89_JaffaCakes118

Files

c159541690c1bc01bf09172a8664ef89_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55619ece9681a0bffc51153eed2d1332

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetEnvironmentVariableW
SetCurrentDirectoryW
GetShortPathNameW
LocalFileTimeToFileTime
ConvertFiberToThread
GetSystemDirectoryW
LoadResource
LCMapStringW
SetThreadIdealProcessor
FreeLibrary
SetErrorMode
GetCurrentProcess
GetOEMCP
LocalFree
IsBadReadPtr
FindFirstFileW
EnumResourceNamesW
FileTimeToLocalFileTime
FindResourceW
RegisterWaitForSingleObject
LocalAlloc
GetStringTypeW
FindNextFileW
CompareStringA
FindClose
SystemTimeToFileTime
FileTimeToSystemTime
GetLocalTime
SearchPathW

user32

DestroyWindow
RealGetWindowClassA
EnableWindow
UpdateWindow
InvalidateRgn
GetCapture
ValidateRect
IsWindowEnabled
IsWindow
ValidateRgn
SetCapture
FlashWindow
ReleaseCapture
ExcludeUpdateRgn
GetUpdateRgn

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ