a45486a8dbdbdee4cb1b994e9abfef4a_JaffaCakes118 | Triage

Sharing

General

Target

a45486a8dbdbdee4cb1b994e9abfef4a_JaffaCakes118
Size

173KB
MD5

a45486a8dbdbdee4cb1b994e9abfef4a
SHA1

bb89fcd3b6bf71a45e4930c0cba30c15f1b79e34
SHA256

b3a99bf4fb5a46eb9dab7032a981ce3c4fe73974a6f8b75209529189969c59c1
SHA512

d33ccf9f632674530af66d24f0a3d70536e301e8d66ed05e18e03b997f5597a7f474a2078ddc96e836493661b5193f39b9e6cf49b59072578ef3828b4a831dad
SSDEEP

3072:eC/l2zwUJLCXPqG3oXSaWIc39JniNhazV5YVwmTP78F2iAcVpA5MQCT2dDbtYK4:l2z+qG3oX5Fd6sTK2ihVp8Ym3tT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a45486a8dbdbdee4cb1b994e9abfef4a_JaffaCakes118

Files

a45486a8dbdbdee4cb1b994e9abfef4a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9e87ff328c34a7e1bb47b674bef7bcae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

user32

ValidateRect
ValidateRgn
RealGetWindowClassA
IsWindow
EnableWindow
UpdateWindow
GetCapture
IsWindowEnabled
DestroyWindow
SetCapture
FlashWindow
ExcludeUpdateRgn
InvalidateRgn
ReleaseCapture
GetUpdateRgn

kernel32

FileTimeToSystemTime
CreateFiberEx
GetOEMCP
CompareStringA
FileTimeToLocalFileTime
SetCurrentDirectoryW
SetThreadAffinityMask
FindNextFileW
IsBadReadPtr
LoadResource
SetEnvironmentVariableW
GetLocalTime
GetStringTypeW
LocalAlloc
LCMapStringW
LocalFree
EnumResourceNamesW
FindFirstFileW
LocalFileTimeToFileTime
SetThreadPriority
FindClose
GetSystemDirectoryW
FreeLibrary
SetErrorMode
GetCurrentProcess
SystemTimeToFileTime
GetShortPathNameW
FindResourceW
SearchPathW

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ