38d029ca051210d593a3bbed15ef3374_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38d029ca051210d593a3bbed15ef3374_JaffaCakes118
Size

176KB
MD5

38d029ca051210d593a3bbed15ef3374
SHA1

3e6f7ae65208b5cb54daf09b57f944633cd257a4
SHA256

6b97d86f7413b9390fb050b280654e2785924c7deaf1a453da597dbee34692cf
SHA512

16c70eae7fbfea835c9e490d65d4d694cfb66019b46aad08c10b61a2f4342b493554dd79c05363acaafe4385ee71a2ee64395223e342134e9d55ed9ef3d26934
SSDEEP

3072:jq/SkinbIdukLyHszIS3dKFHALnFTYBYQg9Zkg/DCQ/8g0c2aW1b7BZ2RQQOOWUo:jq/SLbI0kLy4I+dK8ZDkg/D9Ug/W1D69

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38d029ca051210d593a3bbed15ef3374_JaffaCakes118

Files

38d029ca051210d593a3bbed15ef3374_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf1aae90b9c1dae0c49eff3f6df538d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetCapture
FlashWindow
DestroyWindow
IsWindowEnabled
UpdateWindow
InvalidateRgn
EnableWindow
ValidateRect
IsWindow
ReleaseCapture
RealGetWindowClassA
ExcludeUpdateRgn
SetCapture
ValidateRgn
GetUpdateRgn

kernel32

CreateFiberEx
FindFirstFileW
LCMapStringW
LocalFileTimeToFileTime
LocalAlloc
GetSystemDirectoryW
SetThreadAffinityMask
FileTimeToSystemTime
FindNextFileW
SetCurrentDirectoryW
GetLocalTime
CompareStringA
FreeLibrary
IsBadReadPtr
SystemTimeToFileTime
EnumResourceNamesW
FileTimeToLocalFileTime
SetThreadPriority
GetOEMCP
SetEnvironmentVariableW
SetErrorMode
GetStringTypeW
FindResourceW
GetCurrentProcess
FindClose
GetShortPathNameW
LocalFree
LoadResource
SearchPathW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ