cf76e463c11145abb6745ddf36a89904_JaffaCakes118 | Triage

Sharing

General

Target

cf76e463c11145abb6745ddf36a89904_JaffaCakes118
Size

169KB
MD5

cf76e463c11145abb6745ddf36a89904
SHA1

3a8772fdb95c7c14d6ca6d0bf9863ac4662e9d93
SHA256

b2784d05124ccf35a408684642ec1858c0d2413bf5816b1b8911b0ba4786b438
SHA512

1470f26f3ee6e0de77b1772400d1cb162fd80900e9c931688c7d2d8efdf62e7f604e49507eff993d83c31a3d105e8592d22fd2fe2b61bd92299bf8f62f556702
SSDEEP

3072:86pVsJhQrNypeCNpjDOo0kfqDOWTKji/AlNGsMQSNGOBgxvBLkq/WTi:8odNG/YkfqRe6AlgsMLyvBLk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf76e463c11145abb6745ddf36a89904_JaffaCakes118

Files

cf76e463c11145abb6745ddf36a89904_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3cce48b48ecaf2949018ebfd6389402d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

DestroyWindow
ExcludeUpdateRgn
FlashWindow
RealGetWindowClassA
EnableWindow
ValidateRgn
GetCapture
ValidateRect
IsWindowEnabled
SetCapture
IsWindow
ReleaseCapture
UpdateWindow
InvalidateRgn
GetUpdateRgn

kernel32

CompareStringA
GetSystemDirectoryW
FileTimeToLocalFileTime
ConvertFiberToThread
SetCurrentDirectoryW
LCMapStringW
FindResourceW
FileTimeToSystemTime
LocalFree
GetLocalTime
SetThreadIdealProcessor
FindNextFileW
LoadResource
FindFirstFileW
EnumResourceNamesW
SetErrorMode
LocalFileTimeToFileTime
LocalAlloc
GetStringTypeW
RegisterWaitForSingleObject
GetOEMCP
GetShortPathNameW
SystemTimeToFileTime
FindClose
IsBadReadPtr
GetCurrentProcess
SetEnvironmentVariableW
FreeLibrary
SearchPathW

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ