da9385a83a46282b1da3af8b3836206c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da9385a83a46282b1da3af8b3836206c_JaffaCakes118
Size

170KB
MD5

da9385a83a46282b1da3af8b3836206c
SHA1

32377871313a87fb67f5955b1dbf461768d5e16e
SHA256

beaa6d551a042a9346eec2b929b236486c5f2051667cce9a2dc2de556adb9c02
SHA512

c3ec084c8c212dc4f942ceed7f0b34e3112138bbea8ab2f33056ef91100fbf7061b8892970416af5cc7db66bb443ff228c41530e33534c628c13660f73ab3872
SSDEEP

3072:v/GAFrQM9FOyHQBF6Z90MRoG1T9N9MY1vC4uFG3j9uU6ctstRBZsR+Sr:3G4rQQOyHKF62iDvC4uuwitstNy+O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da9385a83a46282b1da3af8b3836206c_JaffaCakes118

Files

da9385a83a46282b1da3af8b3836206c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7baf8e04f6ab55a3edabe853a4efade

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FindResourceW
CreateFiberEx
CompareStringA
LocalFileTimeToFileTime
FileTimeToSystemTime
SystemTimeToFileTime
FindClose
IsBadReadPtr
SetErrorMode
FindNextFileW
SetThreadAffinityMask
LoadResource
FindFirstFileW
GetOEMCP
EnumResourceNamesW
GetSystemDirectoryW
GetLocalTime
FreeLibrary
LCMapStringW
SetThreadPriority
SetEnvironmentVariableW
LocalFree
GetStringTypeW
LocalAlloc
GetCurrentProcess
FileTimeToLocalFileTime
SetCurrentDirectoryW
GetShortPathNameW
SearchPathW

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

user32

ValidateRect
RealGetWindowClassA
SetCapture
ValidateRgn
IsWindow
FlashWindow
DestroyWindow
InvalidateRgn
ReleaseCapture
UpdateWindow
EnableWindow
GetCapture
IsWindowEnabled
ExcludeUpdateRgn
GetUpdateRgn

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ