Static task: static1
Behavioral task: behavioral1
Sample: 1857e8ad059fee4a95968dc2acda5589_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 1857e8ad059fee4a95968dc2acda5589_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 1857e8ad059fee4a95968dc2acda5589_JaffaCakes118
Size: 177KB
MD5: 1857e8ad059fee4a95968dc2acda5589
SHA1: dae6aaca2332b0e3bd4ec7b9e9a8c337721759dd
SHA256: 94b8344ef6aaae1e45805aec01b9d18d580577f22bc1b6e79fc1fe11009a7347
SHA512: d5b79a7e1d4be4228bd7d8d62c0c0c849e73a2d66f47c5d45b564cd1b5adacc0fbee46db0966aa3d2366d82c564b58f020fc6e2a92f56ee15acf0c18b54e9ff8
SSDEEP: 3072:pCbxv1+3APbNeNun6bnd94aucquyMrpTyOw4kim9tiScfBwUTB0jpC:pCb9QONeNun6bnnr5sQpp1UtYBwM0lC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1857e8ad059fee4a95968dc2acda5589_JaffaCakes118
Files
1857e8ad059fee4a95968dc2acda5589_JaffaCakes118.exe windows:4 windows x86 arch:x86
81803edc4c4ccddebb672eeb03ef0d8d
Headers
File Characteristics
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
newdev
  UpdateDriverForPlugAndPlayDevicesW
gdi32
  GetTextMetricsA
  GetTextExtentPointA
  DeleteObject
  SelectObject
  GetDeviceCaps
  CreateFontIndirectA
kernel32
  LeaveCriticalSection
  GetCPInfoExA
  LocalAlloc
  GetSystemInfo
  DeleteCriticalSection
  GetProcAddress
  GetModuleHandleA
  InitializeCriticalSection
  LoadLibraryA
  LCMapStringA
  EnumResourceTypesA
  LocalFree
  GetLongPathNameW
  GetLastError
  LCMapStringW
  EnterCriticalSection
  SetStdHandle
  GetStringTypeA
ole32
  OleSave
  StringFromGUID2
  CoCreateInstance
  CoTaskMemAlloc
  CoTaskMemFree
  CoTaskMemRealloc
Sections
.text Size: 106KB - Virtual size: 106KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 1012B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 68KB - Virtual size: 67KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 256KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ