JaffaCakes118_72a407647c25fde25a0636b4dd72e454 | Triage

Sharing

General

Target

JaffaCakes118_72a407647c25fde25a0636b4dd72e454
Size

191KB
MD5

72a407647c25fde25a0636b4dd72e454
SHA1

d59788e3d2e8a20f456004a449a27e3ee259ad74
SHA256

e67571a8d06c6c8db3628e56e15ef67a0f4837e9b070422e15ed99538199d1c6
SHA512

fd405efe8bc78ff1643e6593ce0b8647821a517619fe177af07c75ef459e366699497aae21df680e47f32ca1715667b9bfde15b8330713a2ec492983401f7982
SSDEEP

3072:F0KQ7j7t6AFb2Yrkt0RSFFx6YevU9/7O8Bg5DoSLb1eDPhIW3AzOil6oUVgEab5:WK47j5rkxeM9yg2oSLb1erhIW3AzUuEy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_72a407647c25fde25a0636b4dd72e454

Files

JaffaCakes118_72a407647c25fde25a0636b4dd72e454
.exe windows:4 windows x86 arch:x86

e92998147fccae0e002dee33efad34a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

kernel32

GetCommandLineW
LeaveCriticalSection
TerminateThread
CreateFiber
GetCurrentThread
GetSystemDirectoryW
GetExitCodeThread
ResumeThread
QueryPerformanceCounter
SetThreadIdealProcessor
QueryPerformanceFrequency
MultiByteToWideChar
LocalAlloc
EnumResourceNamesA
SetEvent
CreateEventW
SetThreadPriority
EnterCriticalSection
DeleteCriticalSection
LocalFree
InitializeCriticalSection
GetSystemDefaultLangID
CreateThread
GetCurrentProcess

user32

FlashWindow
ExcludeUpdateRgn
IsWindow
ValidateRect
ValidateRgn
IsWindowEnabled
RealGetWindowClassA
ReleaseCapture
GetCapture
UpdateWindow
EnableWindow
DestroyWindow
SetCapture
InvalidateRgn
GetUpdateRgn

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ