ec037ca59697ceaad75e779ef25ba441_JaffaCakes118 | Triage

Sharing

General

Target

ec037ca59697ceaad75e779ef25ba441_JaffaCakes118
Size

154KB
MD5

ec037ca59697ceaad75e779ef25ba441
SHA1

985d46f300cd57e366570e68d2f46084b312f534
SHA256

2ea5bdd2ddf67845d4a5e166494992521bbc59c6c14aa58b435c4b9f9f2c1c42
SHA512

0c9b91d62c58df90cbfe0769624494dc2725f15041f74c5068dfea9f4b55db09d4ccbc6679326dcdc384cd93e1516b9363db8f3208eeedc6230ccaa16dc43714
SSDEEP

3072:m+XC2wnwhpeovchz12YFaqFxWQIM1GL88VX0eSbwcvYPgLQENSlqUOXzPBw:dwnMvchh2MaqFxVIMkQ89QAKQISUjZw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec037ca59697ceaad75e779ef25ba441_JaffaCakes118

Files

ec037ca59697ceaad75e779ef25ba441_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6d41336a3e6773bc2707eb92fa64e4de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FindClose
FindFirstFileW
GetNextVDMCommand
FreeLibrary
SetThreadPriority
FindResourceW
SystemTimeToFileTime
CompareStringA
FindNextFileW
FileTimeToLocalFileTime
SetEnvironmentVariableW
SetCurrentDirectoryW
FileTimeToSystemTime
EnumResourceNamesW
GetStringTypeW
GetLocalTime
SetErrorMode
RegisterWaitForSingleObject
GetShortPathNameW
LoadResource
LocalFileTimeToFileTime
SearchPathW

user32

SetCapture
GetCapture
ReleaseCapture
InvalidateRgn
RealGetWindowClassA
ValidateRect
ExcludeUpdateRgn
ValidateRgn
GetUpdateRgn

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ