Static task
static1
Behavioral task
behavioral1
Sample
29972effa5e965cb998b87a809c76ee8_JaffaCakes118.exe
Resource
win7-20240704-en
General
Target
29972effa5e965cb998b87a809c76ee8_JaffaCakes118
Size
181KB
MD5
29972effa5e965cb998b87a809c76ee8
SHA1
1dd76db0bddcfeb293d6cdf763fc164ba508bd59
SHA256
8582e24797d8aff6cd5252ed3c7d4c1ad5966ea5db5e3652ae9c2f2e1c125fd4
SHA512
7c32736ef3cf04fc03579c9905a778be862489abc0b7efc582d51f2b5f9679f1a8c66dd5b003d94e6007d63b1575c8cb31011d8c9eb710ec83e0cef20ef2457f
SSDEEP
3072:lEiKXnSkAbb6A1shJWBLefw9Ie2X19tL3Jx2AHVgdN2IfVL8+cR0PqnYdsXaxyhu:lEiKXzAbuA2caeG1/P2AHKaMVL8tF2SY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 29972effa5e965cb998b87a809c76ee8_JaffaCakes118
Files
29972effa5e965cb998b87a809c76ee8_JaffaCakes118.exe windows:4 windows x86 arch:x86
7697ac4435fc7a1acdfa34d51c3b0dcf
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteCriticalSection
GetAtomNameA
GetVersionExA
LoadLibraryA
lstrlenW
MultiByteToWideChar
FindFirstFileW
LoadResource
FindClose
GetTickCount
GetPrivateProfileStringW
LockResource
WritePrivateProfileStringW
EnumResourceTypesW
GlobalSize
GetModuleHandleW
Sleep
LoadLibraryW
MulDiv
GetModuleFileNameW
GetSystemDirectoryW
GetPrivateProfileIntW
GetProcAddress
FreeLibrary
InitializeCriticalSection
GetVersionExW
GetLocaleInfoW
newdev
UpdateDriverForPlugAndPlayDevicesW
oleacc
LresultFromObject
CreateStdAccessibleObject
CreateStdAccessibleProxyW
Sections
.text Size: 92KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 86KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ