3d748331c10833dedcfcad7e550e99aa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d748331c10833dedcfcad7e550e99aa_JaffaCakes118
Size

173KB
MD5

3d748331c10833dedcfcad7e550e99aa
SHA1

e5362aa424dea2f8ab68806f864c2af397ea604d
SHA256

76d99ed94e23c4b45e5c9aad01c115f35c429ab69236e356cd024dcec6c04604
SHA512

d2d8eb7abc70e15bab712fd1f942561d5f893a5daa45a0774a111d083459606d027013335ea98c5a5cb0510b371559137e7bfe0de4c424f1ca75ceaf5d160ba3
SSDEEP

3072:HAAty3Ngbid/p9vb8hNgOj/bYzVNUjPG9A6unIKYaOIegqSM5c89zH:KNgbidbvAh1/6jtA6uIReZuc4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d748331c10833dedcfcad7e550e99aa_JaffaCakes118

Files

3d748331c10833dedcfcad7e550e99aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

058943e6e0ed1265e462500fa5d5dd5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
MoveFileExW
CreateProcessW
GetCalendarInfoA
GetVersionExW
MapViewOfFile
HeapAlloc
CreateDirectoryW
WaitForSingleObject
GetConsoleCP
GetProcessHeap
CreateThread
GetTempPathW
GetModuleHandleA
GetConsoleMode
LoadLibraryExW
EnumResourceNamesA
TlsGetValue
HeapFree
GetEnvironmentVariableW
GetProcAddress
GetModuleHandleW
GetVersionExA
FindFirstFileW
ExitProcess
TlsFree
CreateFileW
UnmapViewOfFile
InterlockedIncrement
CreateFileMappingA
SetEvent
FlushFileBuffers
CreateFileA
GetExitCodeProcess
TlsAlloc
WriteConsoleW
SetLastError
GetLastError

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

ole32

CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ