2c7c82a9a6d5b947a11b8d36722fbd39_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c7c82a9a6d5b947a11b8d36722fbd39_JaffaCakes118
Size

163KB
MD5

2c7c82a9a6d5b947a11b8d36722fbd39
SHA1

fc1549daadafd6bac6e6fe6ecc3a93047ce9ead0
SHA256

b920e4f4c4cfab4d49f98581751fbc183340bcb9dff775a59752b7b1bb03aea7
SHA512

c882caa119be500ac1b0b7b1c998b3ccca083b19ac3364ec8bb1af9982066baf41c4267631b8aee31874ff0324470609dae48985822cf3c171a367c590d581fd
SSDEEP

3072:Ocbl7iKTCZFIdhRSMn5xxDgHsRqs8Mzc3MqDUu6GkkiEwCN243AwuL0/:OcpXIFIdhR9n5twM4TpAkZdx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c7c82a9a6d5b947a11b8d36722fbd39_JaffaCakes118

Files

2c7c82a9a6d5b947a11b8d36722fbd39_JaffaCakes118
.exe windows:4 windows x86 arch:x86

629ed06e9adc075155649099ac4c4e92

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

kernel32

GetShortPathNameW
FindNextFileW
ConvertFiberToThread
CompareStringA
GetOEMCP
SetEnvironmentVariableW
LocalAlloc
SetErrorMode
SetThreadIdealProcessor
FileTimeToLocalFileTime
IsBadReadPtr
FindResourceW
FindFirstFileW
GetStringTypeW
FreeLibrary
EnumResourceNamesW
LCMapStringW
SystemTimeToFileTime
RegisterWaitForSingleObject
GetSystemDirectoryW
FileTimeToSystemTime
LoadResource
GetLocalTime
LocalFree
FindClose
LocalFileTimeToFileTime
GetCurrentProcess
SetCurrentDirectoryW
SearchPathW

user32

ExcludeUpdateRgn
EnableWindow
RealGetWindowClassA
ValidateRect
SetCapture
UpdateWindow
InvalidateRgn
ReleaseCapture
IsWindow
IsWindowEnabled
GetCapture
FlashWindow
ValidateRgn
DestroyWindow
GetUpdateRgn

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ