JaffaCakes118_97e560037699958c8ec8fee9f3fa4a58 | Triage

Sharing

General

Target

JaffaCakes118_97e560037699958c8ec8fee9f3fa4a58
Size

215KB
MD5

97e560037699958c8ec8fee9f3fa4a58
SHA1

82086393fc032e7b5face9369fce53af8905260e
SHA256

a3c09d3cf96db63781276de01c8207009fcbaa29ebe0f42f87ef682ef9372c3c
SHA512

a9e690fc11d5a15c1cdae2089f102d1e07798f045f6b75ee79c6be5ddc54be487fffa12297b5d5ca0dcc9725422d9d6a8731dcd8c86f5620454fab07109b4874
SSDEEP

3072:YWHOnNr/9t67gZidU5YMlO64d5bXvhnczhD32ydXdRmCMDQzMkG9hKhUASRq7lIS:F0NrXSaWML4dd61DtPmCMAUA443EDfk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_97e560037699958c8ec8fee9f3fa4a58

Files

JaffaCakes118_97e560037699958c8ec8fee9f3fa4a58
.exe windows:4 windows x86 arch:x86

09aab6746c93d3978585c3c39ad28424

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

kernel32

GetCommandLineW
CreateFiber
MultiByteToWideChar
QueryPerformanceFrequency
DeleteCriticalSection
InitializeCriticalSection
ResumeThread
GetSystemDefaultLangID
LocalAlloc
CreateEventW
EnumResourceNamesA
EnterCriticalSection
LocalFree
TerminateThread
GetExitCodeThread
QueryPerformanceCounter
LeaveCriticalSection
SetThreadPriority
GetSystemDirectoryW
SetThreadIdealProcessor
GetCurrentThread
SetEvent
CreateThread
GetCurrentProcess

user32

DestroyWindow
IsWindow
SetCapture
ReleaseCapture
ExcludeUpdateRgn
IsWindowEnabled
EnableWindow
ValidateRgn
ValidateRect
FlashWindow
GetCapture
UpdateWindow
InvalidateRgn
RealGetWindowClassA
GetUpdateRgn

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ