38e84eacef5d996ce9951cf7dd8fa611_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38e84eacef5d996ce9951cf7dd8fa611_JaffaCakes118
Size

170KB
MD5

38e84eacef5d996ce9951cf7dd8fa611
SHA1

316c99a4911bf6a87877b089ef69c07396f92ea2
SHA256

6ac9ad45476522fafc98cbc0efbe599e665811bd11bc8e24659491f751b08397
SHA512

80e9136fa649eb0397b9d5c73a232276dddee242cae213cc1d4e6e2d60344c3458e1355f476af21eb03a2102ed17d2aa5a089bac3184fa1b3477156793a61959
SSDEEP

3072:v/GAFrQM9FOyHQBF6Z90MRoG1T9N9MY1vC4uFG3j9uU6ctstRBZsR+Sr:3G4rQQOyHKF62iDvC4uuwitstNy+O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38e84eacef5d996ce9951cf7dd8fa611_JaffaCakes118

Files

38e84eacef5d996ce9951cf7dd8fa611_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a7baf8e04f6ab55a3edabe853a4efade

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FindResourceW
CreateFiberEx
CompareStringA
LocalFileTimeToFileTime
FileTimeToSystemTime
SystemTimeToFileTime
FindClose
IsBadReadPtr
SetErrorMode
FindNextFileW
SetThreadAffinityMask
LoadResource
FindFirstFileW
GetOEMCP
EnumResourceNamesW
GetSystemDirectoryW
GetLocalTime
FreeLibrary
LCMapStringW
SetThreadPriority
SetEnvironmentVariableW
LocalFree
GetStringTypeW
LocalAlloc
GetCurrentProcess
FileTimeToLocalFileTime
SetCurrentDirectoryW
GetShortPathNameW
SearchPathW

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

user32

ValidateRect
RealGetWindowClassA
SetCapture
ValidateRgn
IsWindow
FlashWindow
DestroyWindow
InvalidateRgn
ReleaseCapture
UpdateWindow
EnableWindow
GetCapture
IsWindowEnabled
ExcludeUpdateRgn
GetUpdateRgn

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ