074c3e3134ce14b3a89773059e8b0e0c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

074c3e3134ce14b3a89773059e8b0e0c_JaffaCakes118
Size

275KB
MD5

074c3e3134ce14b3a89773059e8b0e0c
SHA1

17b8d4ccb67723aca51d31fe251f904a3dc8dda9
SHA256

a0d6431e2f30b27dd09dbb381d81876d9e26f7927fac38e9a24c3f8e5f75cc97
SHA512

d2eb3e49d3e81b4051174f8f32f97e09721febc6a1063d888d9fdc395b2ff21b1d750a64c990b136ec1378862eb4fe33f56204ed1ed52fb4a816e2a8cb8f2b78
SSDEEP

6144:TG1Q/MBEdJ9dix87qQW3HNlobTyNHfLTN2+Wqra2V:TGIMaPbcogN2+W7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
074c3e3134ce14b3a89773059e8b0e0c_JaffaCakes118

Files

074c3e3134ce14b3a89773059e8b0e0c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

42037aa4a64bff62cd78e5ce47cbd4cf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
IsDBCSLeadByte
GlobalGetAtomNameW
lstrlenA
ReadFile
FindFirstFileA
WideCharToMultiByte
GetCurrentThreadId
FindNextFileA
EnumResourceTypesA
QueryPerformanceCounter
SetFilePointer
GetSystemDirectoryW
GlobalHandle
GetCurrentProcessId
EnumResourceLanguagesW
WriteFile
FindClose

oleacc

LresultFromObject
CreateStdAccessibleObject
CreateStdAccessibleProxyW

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ