035cefa2d9e8ad3b67c8368e45cf3d19_JaffaCakes118 | Triage

Sharing

General

Target

035cefa2d9e8ad3b67c8368e45cf3d19_JaffaCakes118
Size

164KB
MD5

035cefa2d9e8ad3b67c8368e45cf3d19
SHA1

44df58b38cf515108626842be745e021439bb188
SHA256

4fc3be3551eda9f2376416ee900a567e050d2f7b3cb70853e26a450255a26a12
SHA512

acce9b1917293869835fc3b31e9b7279faf3e796f44dd129c803e492df92c9c77cb9b2dd5e8f29e3939c05e5f9afa5c762452bd5f0f4c1aa8a34e3cad74fdb7c
SSDEEP

3072:c6IuL9Q+XnsAOW2thA5/zcwhp8bxF5FBwgk1+Cea/82dSYPoPN2vtigkQH//:7IuRQ+XnsAO3thAGwhOFFBT47B/lpPow

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
035cefa2d9e8ad3b67c8368e45cf3d19_JaffaCakes118

Files

035cefa2d9e8ad3b67c8368e45cf3d19_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a64cefa0418ca9bfa2ee7bed5da4e0fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameW
ReadFile
GetModuleHandleA
WriteFile
GlobalHandle
FindFirstFileA
lstrlenA
WideCharToMultiByte
EnumResourceTypesA
SetFilePointer
GetCurrentProcessId
IsDBCSLeadByte
QueryPerformanceCounter
CreateMailslotA
FindNextFileA
EnumResourceLanguagesW
GetCurrentThreadId
FindClose

oleacc

AccessibleChildren
CreateStdAccessibleProxyA

newdev

UpdateDriverForPlugAndPlayDevicesA

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ