f9a9c551e8b5ed2c38b5162a210646cd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9a9c551e8b5ed2c38b5162a210646cd_JaffaCakes118
Size

181KB
MD5

f9a9c551e8b5ed2c38b5162a210646cd
SHA1

7947da8d568658e7efa3a4d372eabd70ce7c052d
SHA256

d065b00423978866cc4cea822915b26ee83f9d1424b5c8334b1ec1313ac612bf
SHA512

265d6294d9162bfd746893b606fd9982a97e7c8b342f66b299f2f1baa84a75e4a62f420c2903b7fe2558ec417945b38b05f4cfdd263be3641708c7b7b41df63d
SSDEEP

3072:qQDVNrxqGNbJLvAGCLYYYWLK6tYKtODk96Z4G0HteoaVPic422JL6dw4FJSlzB3:frkqJcAYBftzOE64G0Hko0qcE6+2StB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9a9c551e8b5ed2c38b5162a210646cd_JaffaCakes118

Files

f9a9c551e8b5ed2c38b5162a210646cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b9a441e841f5e586d6ce4147e92cdd8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ExcludeUpdateRgn
ValidateRgn
IsWindow
RealGetWindowClassA
UpdateWindow
ValidateRect
ReleaseCapture
DestroyWindow
IsWindowEnabled
EnableWindow
FlashWindow
InvalidateRgn
SetCapture
GetCapture
GetUpdateRgn

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

kernel32

FileTimeToSystemTime
CreateFiberEx
FindResourceW
LCMapStringW
LocalAlloc
SetErrorMode
LocalFree
SetCurrentDirectoryW
GetShortPathNameW
SetThreadAffinityMask
GetSystemDirectoryW
SetEnvironmentVariableW
GetLocalTime
GetCurrentProcess
GetStringTypeW
FindNextFileW
EnumResourceNamesW
LocalFileTimeToFileTime
FindClose
SetThreadPriority
CompareStringA
IsBadReadPtr
FreeLibrary
SystemTimeToFileTime
LoadResource
FindFirstFileW
GetOEMCP
FileTimeToLocalFileTime
SearchPathW

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ