d72fc3739c6160cfe837c0a8eeac126c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d72fc3739c6160cfe837c0a8eeac126c_JaffaCakes118
Size

163KB
MD5

d72fc3739c6160cfe837c0a8eeac126c
SHA1

d5acc71e64874370bf516c3dd361bdfba97d1dc1
SHA256

8c54f050b4f476d11d2d6151084fbe6de95319decfa53b37c52dff2d3c2baf17
SHA512

71359718f7fc00203ac71752e389f65ce63caa9185a7b04e1522ea6224c9f3d3a3879e33a67f248bfeec7940492bfecb574917e74bd68cd739b3d5376af82643
SSDEEP

3072:w49Q1izPTzCaTpmN95/gm09k+zqqSrSMVAlx92vJaGAZYxHWPWEp:w49QszTpq95/gH9x1iSMVAlf7eWuK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d72fc3739c6160cfe837c0a8eeac126c_JaffaCakes118

Files

d72fc3739c6160cfe837c0a8eeac126c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

23e58330cf5e48e960376e7ba33fffb4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

UpdateWindow
FlashWindow
DestroyWindow
ValidateRgn
IsWindowEnabled
RealGetWindowClassA
EnableWindow
GetCapture
InvalidateRgn
ReleaseCapture
ValidateRect
IsWindow
SetCapture
ExcludeUpdateRgn
GetUpdateRgn

kernel32

FileTimeToSystemTime
SystemTimeToFileTime
CreateFiberEx
IsBadReadPtr
FindResourceW
GetShortPathNameW
GetStringTypeW
SetErrorMode
FindFirstFileW
SetThreadAffinityMask
FindClose
LocalFileTimeToFileTime
SetEnvironmentVariableW
LocalFree
EnumResourceNamesW
GetLocalTime
FreeLibrary
LCMapStringW
CompareStringA
FileTimeToLocalFileTime
LocalAlloc
SetThreadPriority
SetCurrentDirectoryW
LoadResource
FindNextFileW
GetOEMCP
GetSystemDirectoryW
GetCurrentProcess
SearchPathW

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ