f02a24dbcb4027872bcf5ba311311b49_JaffaCakes118 | Triage

Sharing

General

Target

f02a24dbcb4027872bcf5ba311311b49_JaffaCakes118
Size

186KB
MD5

f02a24dbcb4027872bcf5ba311311b49
SHA1

110c69e46cabdb3b69a103254a19ef2f5c1ee558
SHA256

0191bbffc57c44199f0c1dba0c453d234f67c3cb37de269bc7816c3a834c2a5a
SHA512

3934fc4df43192e4328d14f0c4331f4fc07e819eb8ee36ab6ca92e309be4964711e79c661e88a273824b73bcbb85c81ff4a138ef2e11c1b9e8546406d078bee3
SSDEEP

3072:Xwmbs5fl43JKsDVOa1O3q/kx/ZYA6Bdw/0OXCq86JGncW+mBpoatYOohm7pEus1g:AmkfuzVOrq/kxBadwnSq8Hfpo0YXwOu7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f02a24dbcb4027872bcf5ba311311b49_JaffaCakes118

Files

f02a24dbcb4027872bcf5ba311311b49_JaffaCakes118
.exe windows:4 windows x86 arch:x86

183f5ec7aa6ed4547a1a6c9cdb413892

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ValidateRgn
ReleaseCapture
UpdateWindow
GetCapture
SetCapture
ExcludeUpdateRgn
ValidateRect
IsWindow
DestroyWindow
RealGetWindowClassA
InvalidateRgn
EnableWindow
IsWindowEnabled
FlashWindow
GetUpdateRgn

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

kernel32

GetStringTypeW
FindResourceW
SetEnvironmentVariableW
ConvertFiberToThread
LocalAlloc
FindClose
LocalFree
GetOEMCP
SetThreadIdealProcessor
FileTimeToLocalFileTime
FindNextFileW
GetLocalTime
GetCurrentProcess
LCMapStringW
FreeLibrary
EnumResourceNamesW
SetCurrentDirectoryW
CompareStringA
GetShortPathNameW
FindFirstFileW
FileTimeToSystemTime
RegisterWaitForSingleObject
IsBadReadPtr
GetSystemDirectoryW
SystemTimeToFileTime
LoadResource
SetErrorMode
LocalFileTimeToFileTime
SearchPathW

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ