JaffaCakes118_a6a9e97f51fcaa07a1d082d789d703dc | Triage

Sharing

General

Target

JaffaCakes118_a6a9e97f51fcaa07a1d082d789d703dc
Size

179KB
MD5

a6a9e97f51fcaa07a1d082d789d703dc
SHA1

39f4db12da76ab3460f398b8e535a0e7ea473919
SHA256

76fc724e365bddd20b08ddee0cf667bf386f2cb60d10921429a43154dbe8cfa8
SHA512

a118194ba960d9ec16aea0d60445cd3a1fe16a1ac8e95a41067ef73d9c42a124d093b5f7286f4055a2cd4011061547cfd1484c86804c34e55da3becd92fa0c23
SSDEEP

3072:j4ZoAy2OXdAVi/yqP+9Yap5dzRE5QtRrzh2y/Gbr9Fkms9eX6:MittAVo7m93dz+QtRgkG2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_a6a9e97f51fcaa07a1d082d789d703dc

Files

JaffaCakes118_a6a9e97f51fcaa07a1d082d789d703dc
.exe windows:4 windows x86 arch:x86

613825db7829a2069be1716acb8fa276

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SetCapture
ReleaseCapture
ExcludeUpdateRgn
FlashWindow
IsWindowEnabled
ValidateRect
InvalidateRgn
GetCapture
ValidateRgn
RealGetWindowClassA
UpdateWindow
DestroyWindow
EnableWindow
IsWindow
GetUpdateRgn

kernel32

GetStringTypeW
CreateFiberEx
FindClose
FileTimeToLocalFileTime
CompareStringA
IsBadReadPtr
LocalFree
SetThreadAffinityMask
SetEnvironmentVariableW
LocalFileTimeToFileTime
GetShortPathNameW
FindNextFileW
LCMapStringW
FindResourceW
GetOEMCP
GetSystemDirectoryW
EnumResourceNamesW
LoadResource
FreeLibrary
SetThreadPriority
SetErrorMode
FileTimeToSystemTime
GetCurrentProcess
SystemTimeToFileTime
SetCurrentDirectoryW
FindFirstFileW
LocalAlloc
GetLocalTime
SearchPathW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ