977ee709db9c273db862bde7ee5841fa_JaffaCakes118 | Triage

Sharing

General

Target

977ee709db9c273db862bde7ee5841fa_JaffaCakes118
Size

165KB
MD5

977ee709db9c273db862bde7ee5841fa
SHA1

442e86dd78b14203ed9fdac247fcbba2bc00c36f
SHA256

bb21707f80f4c4d7c93412655badee6fe33368beb2d4f95e54202b2f750bdbfd
SHA512

a37c919d6ccac364fbc439e18051e56aaf6180f9d5f8fc0d4a09c6bd9b59ab18f475fa2832caef4f5a4185ae32a1c6a5a9cbf2db5411a060c92f6c19fccc0cf6
SSDEEP

3072:Yp4WPOrGIOAQpzb4Ez0Ee1kAMxiobxxG2n/TAjqjauHYm5ebmRxvMq:69PmgzbS0xiyxxG2/TFauHYME

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
977ee709db9c273db862bde7ee5841fa_JaffaCakes118

Files

977ee709db9c273db862bde7ee5841fa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc67b053aec2cd30167a65c579a30f87

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FindNextFileW
FreeLibrary
ConvertFiberToThread
LocalFree
SetEnvironmentVariableW
GetStringTypeW
LocalAlloc
FileTimeToLocalFileTime
SetThreadIdealProcessor
LocalFileTimeToFileTime
FindClose
IsBadReadPtr
GetOEMCP
GetLocalTime
EnumResourceNamesW
LCMapStringW
LoadResource
RegisterWaitForSingleObject
GetSystemDirectoryW
GetCurrentProcess
FindFirstFileW
CompareStringA
FindResourceW
SystemTimeToFileTime
SetErrorMode
SetCurrentDirectoryW
FileTimeToSystemTime
GetShortPathNameW
SearchPathW

user32

ValidateRect
IsWindowEnabled
GetCapture
ExcludeUpdateRgn
ValidateRgn
DestroyWindow
EnableWindow
ReleaseCapture
SetCapture
InvalidateRgn
RealGetWindowClassA
IsWindow
UpdateWindow
FlashWindow
GetUpdateRgn

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ