JaffaCakes118_429913e1cb8b1ead462b24d06d4f2456 | Triage

Sharing

General

Target

JaffaCakes118_429913e1cb8b1ead462b24d06d4f2456
Size

171KB
MD5

429913e1cb8b1ead462b24d06d4f2456
SHA1

03b99b0338ba69014a6ec6c2fb48fd9ec5140a4b
SHA256

1fa001abcfaca3c32c016bb183dddc3d26a6f344aa452986d540ea4d199101df
SHA512

568b16e9fb8aba967cd0b74180b15b0cef9cf212d0afc03cd8e8f5d11b4460a5b181647e33bd5d576d337fbdd8034925539b4987fce8db5b14a0be1da4b128ee
SSDEEP

3072:pgRhPXq8b/aW2S7AxN9jt2qidhoFgug7S57a5XeOl8Zjx6lyf1chWj23U:pf8b/aFS7e9jtydhoFgug755XFuZV6ll

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_429913e1cb8b1ead462b24d06d4f2456

Files

JaffaCakes118_429913e1cb8b1ead462b24d06d4f2456
.exe windows:4 windows x86 arch:x86

f076b572cc1b358c33a4640b3654c4df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadResource
ConvertFiberToThread
SetEnvironmentVariableW
GetShortPathNameW
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetCurrentDirectoryW
GetOEMCP
SetErrorMode
SetThreadIdealProcessor
FindResourceW
LocalAlloc
FindFirstFileW
GetLocalTime
EnumResourceNamesW
CompareStringA
LCMapStringW
FileTimeToSystemTime
RegisterWaitForSingleObject
FindClose
SystemTimeToFileTime
GetStringTypeW
GetCurrentProcess
IsBadReadPtr
GetSystemDirectoryW
FindNextFileW
LocalFree
FreeLibrary
SearchPathW

user32

ValidateRect
ReleaseCapture
GetCapture
InvalidateRgn
IsWindow
FlashWindow
EnableWindow
ValidateRgn
ExcludeUpdateRgn
RealGetWindowClassA
UpdateWindow
IsWindowEnabled
DestroyWindow
SetCapture
GetUpdateRgn

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ