3a4fac0bcfd1d8ec46042875f725e62f_JaffaCakes118 | Triage

Sharing

General

Target

3a4fac0bcfd1d8ec46042875f725e62f_JaffaCakes118
Size

175KB
MD5

3a4fac0bcfd1d8ec46042875f725e62f
SHA1

dd8a26ebf8d549dbd5675bd36648fde5ebe0d544
SHA256

9ad27ca17d0657dee32378df9aef43a268b10f7eab192272bcd69060e5079c63
SHA512

0f935938ce16a91593a1826bb865d639a6491fff4ea837ee8e785d8198962801725e634f095f1d480e467f905fa165db0ae996d235786f72af343994a56901f0
SSDEEP

3072:tsxg5VDdWyiN2fX+GwLvMjyXDjNohkWBi7Iy4nQFOivrbuP3yzM++YoFQAtS7/50:tsC5VDN22fHIPjNohkey4nQ7rbSizmhN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a4fac0bcfd1d8ec46042875f725e62f_JaffaCakes118

Files

3a4fac0bcfd1d8ec46042875f725e62f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7f33e7e50b0fbf16fb98db3ca809698

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

DestroyWindow
ReleaseCapture
FlashWindow
ValidateRgn
IsWindow
InvalidateRgn
ExcludeUpdateRgn
ValidateRect
IsWindowEnabled
EnableWindow
SetCapture
GetCapture
UpdateWindow
RealGetWindowClassA
GetUpdateRgn

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

kernel32

GetCurrentProcess
ConvertFiberToThread
FindNextFileW
FindResourceW
SetEnvironmentVariableW
GetLocalTime
SystemTimeToFileTime
FileTimeToLocalFileTime
SetThreadIdealProcessor
GetSystemDirectoryW
GetOEMCP
FreeLibrary
FileTimeToSystemTime
SetErrorMode
LoadResource
GetShortPathNameW
EnumResourceNamesW
SetCurrentDirectoryW
LCMapStringW
RegisterWaitForSingleObject
LocalFileTimeToFileTime
FindClose
CompareStringA
GetStringTypeW
LocalAlloc
IsBadReadPtr
FindFirstFileW
LocalFree
SearchPathW

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ