f7d897eb2899503400e756b2ee5c5ac9_JaffaCakes118 | Triage

Sharing

General

Target

f7d897eb2899503400e756b2ee5c5ac9_JaffaCakes118
Size

157KB
MD5

f7d897eb2899503400e756b2ee5c5ac9
SHA1

5cc8d56f3e4cd3b9743619b925b8fe5fb5f0be26
SHA256

dec2698415f4f89f7f947ab66397519d80bc215a063aefcdc4cfed3a57e756d8
SHA512

ea8a3fd31d85eeb8aaadcbb5c77abab777c54eb59c35c05a44767254f26ca5b555bb8c4602e72603eeecc78a88414ba57d40d43b95c770310b4967289b0efb59
SSDEEP

3072:pHYNBi9HJxPGU8XX1JFcB5bp7ssxA+DN6i0ZxsM4kuKuP0oL+9Fx6V4TrqvL/G:ZYNBi9HJxuHz6B7DzDN69Cg+cShL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7d897eb2899503400e756b2ee5c5ac9_JaffaCakes118

Files

f7d897eb2899503400e756b2ee5c5ac9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8980d33c4f1f365d0fa79f729eb462f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SetCapture
ExcludeUpdateRgn
GetCapture
DestroyWindow
ValidateRgn
InvalidateRgn
UpdateWindow
IsWindowEnabled
RealGetWindowClassA
ValidateRect
IsWindow
FlashWindow
ReleaseCapture
EnableWindow
GetUpdateRgn

kernel32

IsBadReadPtr
FindFirstFileW
ConvertFiberToThread
SetCurrentDirectoryW
CompareStringA
GetSystemDirectoryW
SystemTimeToFileTime
SetThreadIdealProcessor
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetLocalTime
GetStringTypeW
EnumResourceNamesW
SetErrorMode
SetEnvironmentVariableW
FindClose
LoadResource
FileTimeToSystemTime
GetShortPathNameW
RegisterWaitForSingleObject
LocalAlloc
GetCurrentProcess
FindResourceW
FreeLibrary
LocalFree
LCMapStringW
GetOEMCP
FindNextFileW
SearchPathW

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ