f98166e2a74293580ade21fe5a51bf21_JaffaCakes118 | Triage

Sharing

General

Target

f98166e2a74293580ade21fe5a51bf21_JaffaCakes118
Size

156KB
MD5

f98166e2a74293580ade21fe5a51bf21
SHA1

ccedd2c63a00182794d8da557db50e985685bcfe
SHA256

5e0d1f48c2afc14ec65a18430636d8e5fd0a3b3a145099d971a7a77f55fd3069
SHA512

5f425b00fc722760a0491fb31867fc3c637bf41b74fcbc34109fee3ae75559afc4c263a5855262d68ab20f935df60337014b836b244e0124cd218ebad561e945
SSDEEP

3072:N04SFxQrRV8tTdV/7u7nGq/D/FOfo6tFY//z57AgunAe6yhlJ:e4SkdezVju//1XV7DO6Kl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f98166e2a74293580ade21fe5a51bf21_JaffaCakes118

Files

f98166e2a74293580ade21fe5a51bf21_JaffaCakes118
.exe windows:4 windows x86 arch:x86

358b1452476ace8f818f452c5e1c688d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetWindowInfo
GetCapture
ValidateRect
SetCapture
InvalidateRgn
ExcludeUpdateRgn
ReleaseCapture
ValidateRgn
GetUpdateRgn

kernel32

SetCurrentDirectoryW
GetVDMCurrentDirectories
FindNextFileW
CompareStringA
HeapCreate
GetShortPathNameW
SetThreadPriorityBoost
FindResourceW
FreeLibrary
FileTimeToLocalFileTime
LoadResource
EnumResourceNamesW
FindClose
SetErrorMode
FindFirstFileW
FileTimeToSystemTime
RegisterWaitForSingleObject
LocalFileTimeToFileTime
GetStringTypeW
SetEnvironmentVariableW
SystemTimeToFileTime
GetLocalTime
SearchPathW

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ