f5ea747b59f5a47ee3b1c5304271e33b_JaffaCakes118 | Triage

Sharing

General

Target

f5ea747b59f5a47ee3b1c5304271e33b_JaffaCakes118
Size

182KB
MD5

f5ea747b59f5a47ee3b1c5304271e33b
SHA1

62f8c204d039daea9b1c36a1b670eb087aa8836f
SHA256

67ee9ec147c8b9f26af0b0b992d20a4f75d1856b9378f67015085dd03d8d2c2f
SHA512

cff7346f5ee549685a84cd347e04aad0b1948d8a8372f1bb922b83f7a7124c9b51f12c8b2161496137d077dc269221f1b6708b69e0ae6bcd0ebb1d150412bf38
SSDEEP

3072:+tRsWUUljM0H76m9osI/DUjLSf8GSHZ9ONQZEnZ0uWL1X/sWQoMoMwyIIWceWjUP:+bsGlY06mGsIUG8BHzOaZ4paXJQRz9r2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5ea747b59f5a47ee3b1c5304271e33b_JaffaCakes118

Files

f5ea747b59f5a47ee3b1c5304271e33b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

07a13d2f96fa0bfc51db48246c5fe1ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LocalAlloc
GetSystemDefaultLangID
CreateFiber
GetCurrentThread
TerminateThread
ResumeThread
EnterCriticalSection
LocalFree
LeaveCriticalSection
QueryPerformanceCounter
EnumResourceNamesA
MultiByteToWideChar
GetSystemDirectoryW
QueryPerformanceFrequency
SetThreadPriority
CreateThread
SetThreadIdealProcessor
DeleteCriticalSection
GetExitCodeThread
InitializeCriticalSection
GetCommandLineW
SetEvent
CreateEventW
GetCurrentProcess

user32

ValidateRect
SetCapture
UpdateWindow
ExcludeUpdateRgn
EnableWindow
IsWindowEnabled
ReleaseCapture
FlashWindow
RealGetWindowClassA
IsWindow
InvalidateRgn
ValidateRgn
DestroyWindow
GetCapture
GetUpdateRgn

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ