05b7694fc106c1eefa2488926e039fd7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05b7694fc106c1eefa2488926e039fd7_JaffaCakes118
Size

175KB
MD5

05b7694fc106c1eefa2488926e039fd7
SHA1

20ad97e50386bb6681c14811029eabcafb9b3e8d
SHA256

da611969c0c44d4847c010c0865e9bd6aebf2289688d3c29f638020b534d981f
SHA512

40e18f6c2e51e28cd4bb01990142d370d467f2dd2caf258309686eca3309657f6a3613f45b980c6d0825e8ca18b1c03296ab47a45454ee9ddad52801bf2e0711
SSDEEP

3072:/4QcMe5XG7CT1Kh17U41hSCgTidMwoTzBN4lFBvF6VldXL6Hv:QQcMep8emRI/idMwoTlN4l7g5+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05b7694fc106c1eefa2488926e039fd7_JaffaCakes118

Files

05b7694fc106c1eefa2488926e039fd7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5c9bf4031a5340eaaa80e02c0f5844f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

shlwapi

PathAddBackslashA

oleacc

LresultFromObject
CreateStdAccessibleObject

setupapi

InstallCatalog
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

GetAtomNameW
CompareStringA
FileTimeToSystemTime
GetFileTime
LockFile
SetEndOfFile
GetProfileStringA
FlushFileBuffers
FindResourceExW
GetFileAttributesW
EnumResourceNamesA
SearchPathA
GetUserDefaultLangID
GetVersionExA
IsDBCSLeadByte
GetFileType
CreateHardLinkW
FileTimeToLocalFileTime
GetVolumeInformationA
UnlockFile
GetSystemDirectoryA

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ