JaffaCakes118_23c859f5acb3b76c711f5289dcaf4d3e | Triage

Sharing

General

Target

JaffaCakes118_23c859f5acb3b76c711f5289dcaf4d3e
Size

167KB
MD5

23c859f5acb3b76c711f5289dcaf4d3e
SHA1

399d44ea531a2c196d31fcb4b67fdcfcc23868bb
SHA256

141bfdda42fd34835f3bf336b1c47d485260b716d7edba01fb6ce957dce3bd6e
SHA512

57c11bade69926e183b9bca11f27fc886dc098b31dd737028e41e37d953720b7ecfcb934e9363d0c724a2d52c92aa3924bd09b6a9db054b7dec7ed359c377173
SSDEEP

3072:9TG6TWmatlxf6ZbvKI8hxfX3A4uPvjrNbF7DoN18GJ8gp:9TjTja38Z2I8hxfnA3XjrNb9owG+g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_23c859f5acb3b76c711f5289dcaf4d3e

Files

JaffaCakes118_23c859f5acb3b76c711f5289dcaf4d3e
.exe windows:4 windows x86 arch:x86

51298affc18e74404745f712870a72ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

msimg32

AlphaBlend
TransparentBlt

kernel32

GetTempPathW
SetLastError
HeapAlloc
HeapFree
SetEvent
GetCalendarInfoA
GetModuleHandleA
GetVersionExA
TlsGetValue
CreateDirectoryW
TlsFree
CreateThread
GetProcessHeap
WriteConsoleW
GetProcAddress
GetEnvironmentVariableW
GetModuleHandleW
CreateFileA
GetVersionExW
GetExitCodeProcess
MoveFileExW
GetConsoleMode
EnumResourceNamesA
FindFirstFileW
ExitProcess
GetConsoleCP
TlsSetValue
CreateFileW
FlushFileBuffers
LoadLibraryExW
CreateFileMappingA
InterlockedIncrement
MapViewOfFile
WaitForSingleObject
UnmapViewOfFile
CreateProcessW
TlsAlloc
GetLastError

ole32

CoGetMalloc
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ