JaffaCakes118_48732361dbca44f4fea0dc6f80f4112e | Triage

Sharing

General

Target

JaffaCakes118_48732361dbca44f4fea0dc6f80f4112e
Size

174KB
MD5

48732361dbca44f4fea0dc6f80f4112e
SHA1

34104b9ca0e2c4c59b632bf5b21968c05cfa58b6
SHA256

4eff75216c70a650d55c321b5a527c4ec31ef984290d029d15615f1c5dea048d
SHA512

6b3384624948cb5a6ea60a3cc1f1905b3849e0d3bf90e3e95df91bd8ebbfcf35d0a22cce6a8d3c6a9a6f27f824c877934eb042ed5b24c163878b75da325698ab
SSDEEP

3072:f/cb5sIxw3xWpzHyXOctXE5Aad1HHTUyVY1JBCzpI6quIJZtUd6RW68dX:f/cb5sIxwstcZGAt3X4IFuatUd6RW68

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_48732361dbca44f4fea0dc6f80f4112e

Files

JaffaCakes118_48732361dbca44f4fea0dc6f80f4112e
.exe windows:4 windows x86 arch:x86

28182afe7e10cd865ad095f5f88c2abd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ExcludeUpdateRgn
ValidateRect
ValidateRgn
IsWindow
SetCapture
GetCapture
IsWindowEnabled
FlashWindow
DestroyWindow
InvalidateRgn
EnableWindow
ReleaseCapture
UpdateWindow
RealGetWindowClassA
GetUpdateRgn

kernel32

GetOEMCP
LCMapStringW
ConvertFiberToThread
LoadResource
IsBadReadPtr
GetStringTypeW
SetThreadIdealProcessor
SetErrorMode
GetSystemDirectoryW
FindNextFileW
SetEnvironmentVariableW
GetCurrentProcess
FindResourceW
LocalFileTimeToFileTime
EnumResourceNamesW
FindClose
CompareStringA
FindFirstFileW
RegisterWaitForSingleObject
FileTimeToLocalFileTime
SetCurrentDirectoryW
GetShortPathNameW
GetLocalTime
LocalAlloc
FileTimeToSystemTime
SystemTimeToFileTime
FreeLibrary
LocalFree
SearchPathW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ