f8afe38319cc691f948214bc3907eadd_JaffaCakes118 | Triage

Sharing

General

Target

f8afe38319cc691f948214bc3907eadd_JaffaCakes118
Size

168KB
MD5

f8afe38319cc691f948214bc3907eadd
SHA1

4cc870c1b5b4bcb2da1a23c811e6a0f25ec5cec1
SHA256

a59f924c88eb95666043249b1f9f77f606b3e601cdcec549ec6ddd0b3448c617
SHA512

fe3fe08919cd06357cb6e948ebc4e38bb9aec291195aac7275980c87b999ec674694465a5b8a39205006f26547df1cad41b206ea23a1c27dd3991b2d3c15d307
SSDEEP

3072:viqXwQU66AagjXdL+A1uXHnVO5Gpmt7fzHOyE/AryPtLbZiMwdwRB9Xrx1Jefz:viNAaqh5oHnVO5GgjzHOyaPhZkdwRB9K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f8afe38319cc691f948214bc3907eadd_JaffaCakes118

Files

f8afe38319cc691f948214bc3907eadd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b1c75c25c8afe6dbe2795f485db05b2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumChildWindows
CreateWindowExW
DestroyWindow
SendMessageA
IsWindow
GetDlgItem
GetWindowThreadProcessId

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

newdev

UpdateDriverForPlugAndPlayDevicesW

setupapi

CM_Get_Parent
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

iphlpapi

GetIpAddrTable

kernel32

GetOEMCP
AddAtomA
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
GetStartupInfoA
EnumResourceLanguagesA
GetEnvironmentStrings
GetStringTypeExW
GetCPInfo
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetUnhandledExceptionFilter

shell32

SHGetFolderPathW

Sections

.text
Size: 85KB - Virtual size: 485KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ