e88ac908199e74958e0f6d4412760b87_JaffaCakes118 | Triage

Sharing

General

Target

e88ac908199e74958e0f6d4412760b87_JaffaCakes118
Size

279KB
MD5

e88ac908199e74958e0f6d4412760b87
SHA1

814ebeaa37736b7dd23b7a92b4093b54e8aa9a89
SHA256

d380d48ca3036eb5d99453cb17ae6f3afb0aeea85786e14198bdd182a0182f8e
SHA512

1b1c766e97225b37555c4f1a0bda1d0ea4444daf13c5f994a9f3f9690b9ad7e165a3d7baec8cca2771008e4c68bb8dfbab71a6bf485df065619e92f6348a2c90
SSDEEP

6144:m7O00l65RAHqjeEnoz5OEKS64y5eUSqX5kdpfkQr7ZBfE9M:m75RGgdoz5LDsOddkUBc9M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e88ac908199e74958e0f6d4412760b87_JaffaCakes118

Files

e88ac908199e74958e0f6d4412760b87_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c44c48baf58f4cf1f4d3a2bec983a53

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

iphlpapi

GetIpAddrTable

kernel32

UnhandledExceptionFilter
AddAtomA
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
EnumResourceLanguagesA
WriteFile
GetNumberFormatA
GetStartupInfoA
GetEnvironmentStringsW
GetCPInfo
SetUnhandledExceptionFilter

newdev

UpdateDriverForPlugAndPlayDevicesW

shell32

SHGetFolderPathW

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

user32

EnumChildWindows
GetDlgItem
DestroyWindow
CreateWindowExW
SendMessageA
IsWindow
GetWindowThreadProcessId

Sections

.text
Size: 142KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ