JaffaCakes118_423bf5a37f84d1b980669ac84208a279 | Triage

Sharing

General

Target

JaffaCakes118_423bf5a37f84d1b980669ac84208a279
Size

183KB
MD5

423bf5a37f84d1b980669ac84208a279
SHA1

4650f8b6d1f914f6dc05332710d6bac3943f21fc
SHA256

9dadaed7f04e8e87c74ee735a7ae3e2d8712483debc591c35ac6076a91b76fc9
SHA512

ac7133bd4f07521db7ccf131cbd54fb4c2d7bf4ebcc0e2e7babc789df1584fb384951653ef72b63a6a6e94e64dd678ec5d7abcbac08d5dafa35b8fd6c33471f2
SSDEEP

3072:rMa2Q1d2BRrvzQLt4wT0l8bNRmshrzezmUsHjPoGLJxTEeCsYyWXyfisyY49j6lQ:rgQaRoLt4W+8Jrqz9QjwaTEeJBiUoSQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_423bf5a37f84d1b980669ac84208a279

Files

JaffaCakes118_423bf5a37f84d1b980669ac84208a279
.exe windows:4 windows x86 arch:x86

457b062055610d577d0aa5a59c291041

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ConvertFiberToThread
FreeLibrary
SetErrorMode
LoadResource
SetCurrentDirectoryW
FileTimeToSystemTime
SetThreadPriority
FileTimeToLocalFileTime
CompareStringA
SystemTimeToFileTime
EnumResourceNamesW
SetEnvironmentVariableW
LocalFileTimeToFileTime
GetStringTypeW
FindNextFileW
GetLocalTime
FindResourceW
RegisterWaitForSingleObject
GetShortPathNameW
FindClose
FindFirstFileW
SearchPathW

user32

ValidateRect
ExcludeUpdateRgn
GetCapture
RealGetWindowClassA
ReleaseCapture
SetCapture
ValidateRgn
InvalidateRgn
GetUpdateRgn

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ