JaffaCakes118_1794cdd710d6b7ba8b1b60f9ea7afcc9 | Triage

Sharing

General

Target

JaffaCakes118_1794cdd710d6b7ba8b1b60f9ea7afcc9
Size

176KB
MD5

1794cdd710d6b7ba8b1b60f9ea7afcc9
SHA1

36538a6eda4e155e81005958ed928d973529e0c6
SHA256

ab30ffc64f2bb6581505a6cfb4cea9fd07d13b0e7c27677f68c3296cdbcae353
SHA512

f811c8994d90ccc771507e8511ceae05cd6cdddaecc5de323e0b7600afdef305ce909ce5bd0457e9cb799a539deebc1a97d7e02a4cf36f0a4894771ca9d23b2b
SSDEEP

3072:Tq2UvckSVtQC3/xteR1caD2jDu7CyVY/5AB+NUxVlZWzu0ZJxh2Q9mhpx0D:9U0VVP5kHtEDgqBAeMAu0ZJxhfkz0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_1794cdd710d6b7ba8b1b60f9ea7afcc9

Files

JaffaCakes118_1794cdd710d6b7ba8b1b60f9ea7afcc9
.exe windows:4 windows x86 arch:x86

065cf0ee14074149a68a5ea491314b04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

kernel32

GetCurrentProcess
SetCurrentDirectoryW
FreeLibrary
ConvertFiberToThread
IsBadReadPtr
FindResourceW
FindNextFileW
GetLocalTime
FileTimeToSystemTime
SetThreadIdealProcessor
GetSystemDirectoryW
GetOEMCP
FindClose
LCMapStringW
EnumResourceNamesW
GetShortPathNameW
GetStringTypeW
CompareStringA
RegisterWaitForSingleObject
LocalFree
FileTimeToLocalFileTime
SetEnvironmentVariableW
SetErrorMode
LocalFileTimeToFileTime
FindFirstFileW
SystemTimeToFileTime
LocalAlloc
LoadResource
SearchPathW

user32

FlashWindow
IsWindow
IsWindowEnabled
EnableWindow
ValidateRect
DestroyWindow
InvalidateRgn
ReleaseCapture
UpdateWindow
SetCapture
GetCapture
ValidateRgn
ExcludeUpdateRgn
RealGetWindowClassA
GetUpdateRgn

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ