ee6e122788bd4d50aa241068682d4462_JaffaCakes118 | Triage

Sharing

General

Target

ee6e122788bd4d50aa241068682d4462_JaffaCakes118
Size

195KB
MD5

ee6e122788bd4d50aa241068682d4462
SHA1

e1d04dc2a97d146d9e66450d5e3707767731a334
SHA256

c96bf2ab5f93ede2367b5921dcb543dfa4a32c71e5d61761cadb6e847e909f33
SHA512

c426d0150ae9c8a0b4d8cc9f8bf625d1a0b51671a3f19a41124d6efc5ce66245c66fdc30f387769ce7c201a2222eabf02b17efb59ee22d54417b4e50276f5ea2
SSDEEP

3072:WuLlwyWCwDBWvnU3iVLtFnD2/S7mx88pqazZPVlYYi/lmcvsokL5jcWeWNGYtpnP:tCCwUvn+DpqEZtyYiNmcVIOWNq2d9jP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee6e122788bd4d50aa241068682d4462_JaffaCakes118

Files

ee6e122788bd4d50aa241068682d4462_JaffaCakes118
.exe windows:4 windows x86 arch:x86

baae24e6dca7d2e6838ff20b7bbc1c42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateFiber
GetSystemDefaultLangID
SetEvent
GetSystemDirectoryW
TerminateThread
LocalAlloc
QueryPerformanceCounter
ResumeThread
QueryPerformanceFrequency
GetCurrentThread
EnumResourceNamesA
GetCommandLineW
MultiByteToWideChar
LocalFree
SetThreadPriority
CreateEventW
InitializeCriticalSection
GetExitCodeThread
CreateThread
SetThreadIdealProcessor
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess

user32

FlashWindow
IsWindowEnabled
InvalidateRgn
ExcludeUpdateRgn
RealGetWindowClassA
UpdateWindow
SetCapture
ReleaseCapture
DestroyWindow
EnableWindow
IsWindow
GetCapture
ValidateRect
ValidateRgn
GetUpdateRgn

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ