JaffaCakes118_872defbb5a96b326fb18de1d4c3c89be | Triage

Sharing

General

Target

JaffaCakes118_872defbb5a96b326fb18de1d4c3c89be
Size

174KB
MD5

872defbb5a96b326fb18de1d4c3c89be
SHA1

6403420c52e662d4118e4fc95acd258e09183689
SHA256

ae603234ce5d91faaebaa47d47025c1cb28d8e79c5820ed61b0f15a2b42cac9f
SHA512

ebf29d9906a7c75cb780123324c3dcf7c4dd11f059cabc346122de7365a6b80e55b58aab5997cc947b08c2d62ea8869da28d3afea11d8dc3e27ac88aa5bd7536
SSDEEP

3072:2vW+2IUadlM4GD8hzSyM6kb5G1zIRObix0AoMBiOKoYkEI52Ap+hlmlzeHh4/T8I:2vW+Br6epkb5G1MRN0cBiroYI2Qlzb8I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_872defbb5a96b326fb18de1d4c3c89be

Files

JaffaCakes118_872defbb5a96b326fb18de1d4c3c89be
.exe windows:4 windows x86 arch:x86

fb52a06c7300e0a63e0318474fea93df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetEnvironmentVariableW
ConvertFiberToThread
CompareStringA
SystemTimeToFileTime
GetShortPathNameW
FindClose
SetThreadPriority
LocalFileTimeToFileTime
GetLocalTime
FileTimeToSystemTime
SetCurrentDirectoryW
FindResourceW
GetStringTypeW
EnumResourceNamesW
RegisterWaitForSingleObject
FindFirstFileW
LoadResource
FileTimeToLocalFileTime
FindNextFileW
SetErrorMode
FreeLibrary
SearchPathW

user32

GetCapture
RealGetWindowClassA
ValidateRect
ValidateRgn
ReleaseCapture
SetCapture
ExcludeUpdateRgn
InvalidateRgn
GetUpdateRgn

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ