5428528e2d462edff20e6575f74b9ae1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5428528e2d462edff20e6575f74b9ae1_JaffaCakes118
Size

173KB
MD5

5428528e2d462edff20e6575f74b9ae1
SHA1

f498f8bb282501cc27b7e142f0711fc2d2da02fc
SHA256

b69ce227a2037d7c270dc59bf1392d27cad939334e366bfa14169ae1fa53cf2d
SHA512

f9cb41e91ed01d79bf5db0ef3e37eac7de4362da5324a1c3566a759361341d7405e6cd9d4255180bfcf21d1f0385b894f28e61858ca6e4bd785a152576a8a65d
SSDEEP

3072:eC/l2zwUJLCXPqG3oXSaWIc39JniNhazV5YVwmTP78F2iAcVpA5MQCT2dDbtYK4:l2z+qG3oX5Fd6sTK2ihVp8Ym3tT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5428528e2d462edff20e6575f74b9ae1_JaffaCakes118

Files

5428528e2d462edff20e6575f74b9ae1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9e87ff328c34a7e1bb47b674bef7bcae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

user32

ValidateRect
ValidateRgn
RealGetWindowClassA
IsWindow
EnableWindow
UpdateWindow
GetCapture
IsWindowEnabled
DestroyWindow
SetCapture
FlashWindow
ExcludeUpdateRgn
InvalidateRgn
ReleaseCapture
GetUpdateRgn

kernel32

FileTimeToSystemTime
CreateFiberEx
GetOEMCP
CompareStringA
FileTimeToLocalFileTime
SetCurrentDirectoryW
SetThreadAffinityMask
FindNextFileW
IsBadReadPtr
LoadResource
SetEnvironmentVariableW
GetLocalTime
GetStringTypeW
LocalAlloc
LCMapStringW
LocalFree
EnumResourceNamesW
FindFirstFileW
LocalFileTimeToFileTime
SetThreadPriority
FindClose
GetSystemDirectoryW
FreeLibrary
SetErrorMode
GetCurrentProcess
SystemTimeToFileTime
GetShortPathNameW
FindResourceW
SearchPathW

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ