JaffaCakes118_3bc6ef2ad2bf7d74c8f53d3c78f8b5f5 | Triage

Sharing

General

Target

JaffaCakes118_3bc6ef2ad2bf7d74c8f53d3c78f8b5f5
Size

170KB
MD5

3bc6ef2ad2bf7d74c8f53d3c78f8b5f5
SHA1

f93e456b23602f82e56ad2f327293275ebec99a1
SHA256

11a6c091e90d5a161d95f389473efb013132a5ff7921f8b20ad760a7f9901084
SHA512

551943cddcc84a209e0e6af62faba74b48d93eb896aec444f77f1eeb6cc34c49f773a98f460b32f3bf0c18cbdaf5185115593b1cff80388304a6b7ea490563a9
SSDEEP

3072:JWkndWJASeXVw00VmgVg+eJnMYBpiLOflqdXb75vYXyp7p04ID:Jdn6r00VmguRpMLOfEdrNLp2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_3bc6ef2ad2bf7d74c8f53d3c78f8b5f5

Files

JaffaCakes118_3bc6ef2ad2bf7d74c8f53d3c78f8b5f5
.exe windows:4 windows x86 arch:x86

77f062e7675c623af8922403bc0d9c0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetCurrentDirectoryW
GetOEMCP
GetCurrentProcess
CreateFiberEx
LoadResource
LocalFileTimeToFileTime
SetThreadAffinityMask
FindResourceW
LocalAlloc
GetLocalTime
SystemTimeToFileTime
LCMapStringW
SetErrorMode
FileTimeToSystemTime
SetEnvironmentVariableW
EnumResourceNamesW
CompareStringA
SetThreadPriority
LocalFree
IsBadReadPtr
GetShortPathNameW
GetSystemDirectoryW
FindClose
GetStringTypeW
FindNextFileW
FreeLibrary
FileTimeToLocalFileTime
FindFirstFileW
SearchPathW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

user32

RealGetWindowClassA
ValidateRgn
SetCapture
EnableWindow
ReleaseCapture
InvalidateRgn
ExcludeUpdateRgn
IsWindow
UpdateWindow
FlashWindow
IsWindowEnabled
ValidateRect
GetCapture
DestroyWindow
GetUpdateRgn

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ