JaffaCakes118_9b7e58c5b055c730c3a29842b3a0454d | Triage

Sharing

General

Target

JaffaCakes118_9b7e58c5b055c730c3a29842b3a0454d
Size

181KB
MD5

9b7e58c5b055c730c3a29842b3a0454d
SHA1

dcea513d16ea1de142c22a0f37ad1a1e0cac427c
SHA256

649259bd422eda322ca7bf5ecb7d447e47f7e561a3aedc07073e1db639a85a08
SHA512

c180afcd2107a2a02a85ce16f670ca9e3523fc3c6a6c3b597a888ea1e4ae9c030d412a899158cdad0da0e85a8ea7a4399620dca8ba9b73634574e6a48d603768
SSDEEP

3072:qQDVNrxqGNbJLvAGCLYYYWLK6tYKtODk96Z4G0HteoaVPic422JL6dw4FJSlzB3:frkqJcAYBftzOE64G0Hko0qcE6+2StB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_9b7e58c5b055c730c3a29842b3a0454d

Files

JaffaCakes118_9b7e58c5b055c730c3a29842b3a0454d
.exe windows:4 windows x86 arch:x86

7b9a441e841f5e586d6ce4147e92cdd8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ExcludeUpdateRgn
ValidateRgn
IsWindow
RealGetWindowClassA
UpdateWindow
ValidateRect
ReleaseCapture
DestroyWindow
IsWindowEnabled
EnableWindow
FlashWindow
InvalidateRgn
SetCapture
GetCapture
GetUpdateRgn

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

kernel32

FileTimeToSystemTime
CreateFiberEx
FindResourceW
LCMapStringW
LocalAlloc
SetErrorMode
LocalFree
SetCurrentDirectoryW
GetShortPathNameW
SetThreadAffinityMask
GetSystemDirectoryW
SetEnvironmentVariableW
GetLocalTime
GetCurrentProcess
GetStringTypeW
FindNextFileW
EnumResourceNamesW
LocalFileTimeToFileTime
FindClose
SetThreadPriority
CompareStringA
IsBadReadPtr
FreeLibrary
SystemTimeToFileTime
LoadResource
FindFirstFileW
GetOEMCP
FileTimeToLocalFileTime
SearchPathW

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ