JaffaCakes118_30e359c36bb23fcfe3f3e53979f3e682 | Triage

Sharing

General

Target

JaffaCakes118_30e359c36bb23fcfe3f3e53979f3e682
Size

154KB
MD5

30e359c36bb23fcfe3f3e53979f3e682
SHA1

37982fcd4fcb7c621141fa61041552eac5a429cf
SHA256

7ea55261d63c305789b23fa38856b71434d2b6c5981a4aa7b66215aeb8efff4a
SHA512

9581fd890f9254c08222cc75c605ed0bde67f4e7593715398c9e79b5eab4a1957b3b8462d1313183e84eff7a51598b928ff36cc0a00a9f625d92b8bc17fb534e
SSDEEP

3072:BF283I/QFxUbxq/Kvdj5Mn3jVFuTEW3k2YM73DNoAhowdP3vUf4CrPd:3VAK0xq2ai7klMnmAX3UXrF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_30e359c36bb23fcfe3f3e53979f3e682

Files

JaffaCakes118_30e359c36bb23fcfe3f3e53979f3e682
.exe windows:4 windows x86 arch:x86

5fee7c65cb4c569ada41824c2e89959f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ConvertFiberToThread
SystemTimeToFileTime
FreeLibrary
SetEnvironmentVariableW
LocalFree
IsBadReadPtr
CompareStringA
GetSystemDirectoryW
LocalFileTimeToFileTime
FileTimeToSystemTime
SetThreadIdealProcessor
FindClose
GetStringTypeW
GetLocalTime
FileTimeToLocalFileTime
EnumResourceNamesW
GetCurrentProcess
LoadResource
GetShortPathNameW
FindNextFileW
LocalAlloc
RegisterWaitForSingleObject
FindFirstFileW
GetOEMCP
FindResourceW
SetCurrentDirectoryW
SetErrorMode
LCMapStringW
SearchPathW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

user32

IsWindow
InvalidateRgn
ValidateRect
SetCapture
RealGetWindowClassA
IsWindowEnabled
DestroyWindow
UpdateWindow
ExcludeUpdateRgn
FlashWindow
GetCapture
EnableWindow
ValidateRgn
ReleaseCapture
GetUpdateRgn

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ