JaffaCakes118_98fab08e5be7e045d7e26ea268987a09 | Triage

Sharing

General

Target

JaffaCakes118_98fab08e5be7e045d7e26ea268987a09
Size

165KB
MD5

98fab08e5be7e045d7e26ea268987a09
SHA1

59c57316d35d3b29cd36ae80c3829c536bf2c178
SHA256

6f1c028a4d54937d7efbf76a62a363da0913e8012a24a3a5a38807ade05aeb51
SHA512

9989b3d4f1982e73cdd3eb81648116a07a0b6fd3c11e3ecb74559662a4d6a90f879c6422d876f7fe6b347596cc98e841fce7c31dd178e1321c4778fe395939a6
SSDEEP

3072:2WdS4UTsNp/bmTgJMg93Cv2QE60QbxfS8/iBKUhQ/Hsyalafbd8ewMzvN:20Se/aTgJv65NH/i8UKH9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_98fab08e5be7e045d7e26ea268987a09

Files

JaffaCakes118_98fab08e5be7e045d7e26ea268987a09
.exe windows:4 windows x86 arch:x86

24b53bdcd9327bf35e02b2fb4703f9ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

IsBadReadPtr
FindResourceW
FreeLibrary
CreateFiberEx
FindClose
GetStringTypeW
CompareStringA
FindNextFileW
GetCurrentProcess
SetThreadAffinityMask
LCMapStringW
GetShortPathNameW
FindFirstFileW
GetLocalTime
EnumResourceNamesW
LocalFree
SetCurrentDirectoryW
LoadResource
SetEnvironmentVariableW
SetErrorMode
SystemTimeToFileTime
SetThreadPriority
GetOEMCP
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalAlloc
LocalFileTimeToFileTime
GetSystemDirectoryW
SearchPathW

user32

ExcludeUpdateRgn
ValidateRect
RealGetWindowClassA
InvalidateRgn
IsWindow
ReleaseCapture
DestroyWindow
EnableWindow
UpdateWindow
FlashWindow
GetCapture
IsWindowEnabled
ValidateRgn
SetCapture
GetUpdateRgn

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ