JaffaCakes118_4a76a2529b7b37fd848ce17c6142453f | Triage

Sharing

General

Target

JaffaCakes118_4a76a2529b7b37fd848ce17c6142453f
Size

170KB
MD5

4a76a2529b7b37fd848ce17c6142453f
SHA1

a9d9e24ba0094ae6b8e68899604d67c6445efeee
SHA256

624a2696409f9e01e286dd43f06a98cf9653ef55175488869f94178c0dd9ffc5
SHA512

433774e9ff4535c20feb34c58191e2ebd1bc103ad98bef15c3c2a80309b753c66dc05d3c323864c93addb6ec1532c36072db111704a673bc6acb638c43dec361
SSDEEP

3072:Tg5GjiQSVa4RcLv9kv2o2SPZaFygQqRIJpp6c3/Qxxvq/lCRc7lCXl1obsXW:OKiQGa4R/2SPZaFG5Jp0clN21obL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_4a76a2529b7b37fd848ce17c6142453f

Files

JaffaCakes118_4a76a2529b7b37fd848ce17c6142453f
.exe windows:4 windows x86 arch:x86

45ed4557c9bca5d063ac88d9d7b0d67e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

RealGetWindowClassA
DestroyWindow
UpdateWindow
ReleaseCapture
ValidateRect
IsWindowEnabled
SetCapture
GetCapture
FlashWindow
IsWindow
ExcludeUpdateRgn
ValidateRgn
InvalidateRgn
EnableWindow
GetUpdateRgn

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

kernel32

GetStringTypeW
SetErrorMode
ConvertFiberToThread
IsBadReadPtr
GetSystemDirectoryW
FileTimeToSystemTime
SetEnvironmentVariableW
FindNextFileW
LocalAlloc
FindClose
SetThreadIdealProcessor
GetLocalTime
GetOEMCP
SetCurrentDirectoryW
FreeLibrary
EnumResourceNamesW
FindResourceW
RegisterWaitForSingleObject
GetShortPathNameW
CompareStringA
FindFirstFileW
GetCurrentProcess
LocalFileTimeToFileTime
LocalFree
LoadResource
SystemTimeToFileTime
LCMapStringW
FileTimeToLocalFileTime
SearchPathW

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ