dd1fdb5b5ee33661e34e1208ff1856cb_JaffaCakes118 | Triage

Sharing

General

Target

dd1fdb5b5ee33661e34e1208ff1856cb_JaffaCakes118
Size

188KB
MD5

dd1fdb5b5ee33661e34e1208ff1856cb
SHA1

f872d8a3f12d2723c4d07fdf86ed79f9802af858
SHA256

e8119f901cd0e3b92f3edbc74658bb8bcbc34e1c5206f98f8c9552b90d9e4e62
SHA512

580a092b4fe1786371e4a0da5cd4e7788c3987da3d7d2c256c8d892bd841f30d1e0a6180da71d139070121680c0d35e03023f949ac7b14378a6557af95cbe988
SSDEEP

3072:XAKEOMP7y1kVeEiA+w6LhuHVEJIX+nFtAF8rq3j+6rrL3wbBv5JnP8bqJHQvQW8q:7E/7kceEifw6LQHxuFttF6rA9v5JP8bv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd1fdb5b5ee33661e34e1208ff1856cb_JaffaCakes118

Files

dd1fdb5b5ee33661e34e1208ff1856cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e289cefdf6dc12ffc253ff2991073d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

DestroyWindow
ExcludeUpdateRgn
UpdateWindow
InvalidateRgn
IsWindowEnabled
ValidateRgn
GetCapture
FlashWindow
SetCapture
IsWindow
ReleaseCapture
RealGetWindowClassA
ValidateRect
EnableWindow
GetUpdateRgn

kernel32

DeleteCriticalSection
CreateFiber
GetExitCodeThread
QueryPerformanceFrequency
CreateThread
MultiByteToWideChar
LocalFree
ResumeThread
GetSystemDefaultLangID
GetSystemDirectoryW
QueryPerformanceCounter
CreateEventW
LeaveCriticalSection
EnumResourceNamesA
EnterCriticalSection
GetCurrentThread
SetThreadPriority
SetEvent
GetCommandLineW
SetThreadIdealProcessor
TerminateThread
LocalAlloc
InitializeCriticalSection
GetCurrentProcess

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ