JaffaCakes118_6fd58d0b82026b04e51105a546fd5f27 | Triage

Sharing

General

Target

JaffaCakes118_6fd58d0b82026b04e51105a546fd5f27
Size

169KB
MD5

6fd58d0b82026b04e51105a546fd5f27
SHA1

3f3c5d12d0549d18be014de42867ef9dd95b4c0d
SHA256

df8ae7b67ad4dece60dfe921d2320d5f353f973488247e9280634686cde5a786
SHA512

b700ce80cceb35bf6804ee6427a8b8967e73b92516b4bf9a64f53a20065e552c0b2ac7578a31651c2a15f27d81bb1cd26e5cf3a1a4f4e9e0173b4053dfbc8551
SSDEEP

3072:Ni3pVQmKSSKmqKTi836jEbul6ZZ8AMsWIh72s69WBtzmWw0Db3OB:Y5K7pqCig5bulK8AMsp72j9W7zmIO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6fd58d0b82026b04e51105a546fd5f27

Files

JaffaCakes118_6fd58d0b82026b04e51105a546fd5f27
.exe windows:4 windows x86 arch:x86

d1fc0a08e85c6161c4c33d27bbf905b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ExcludeUpdateRgn
SetCapture
UpdateWindow
GetCapture
ValidateRect
RealGetWindowClassA
ValidateRgn
InvalidateRgn
ReleaseCapture
EnableWindow
FlashWindow
DestroyWindow
IsWindowEnabled
IsWindow
GetUpdateRgn

kernel32

FindNextFileW
FreeLibrary
SetErrorMode
SetCurrentDirectoryW
CreateFiberEx
GetStringTypeW
LocalAlloc
SetThreadAffinityMask
FindFirstFileW
LocalFileTimeToFileTime
GetOEMCP
LoadResource
GetLocalTime
FileTimeToLocalFileTime
GetSystemDirectoryW
EnumResourceNamesW
IsBadReadPtr
LocalFree
SystemTimeToFileTime
SetThreadPriority
SetEnvironmentVariableW
LCMapStringW
CompareStringA
FindClose
FileTimeToSystemTime
GetShortPathNameW
FindResourceW
GetCurrentProcess
SearchPathW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ