Static task: static1
Behavioral task: behavioral1
Sample: 28418d56643dc7cd4e8c5f470b414e78_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 28418d56643dc7cd4e8c5f470b414e78_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 28418d56643dc7cd4e8c5f470b414e78_JaffaCakes118
Size: 167KB
MD5: 28418d56643dc7cd4e8c5f470b414e78
SHA1: 51c9a641fad5618bb02948421dbaccad7a83325a
SHA256: 55c10b2c1113e7e7f2d1b2f499fedc7710a528a7d3e6dbb88ad8837ec909b58a
SHA512: 6b6d211ec83b1c18adecc1b575f5741701be7a97ac06f8ddd7651d5acde1dc175870210033487b099c214116d6d943b06e348a1b8e5528b2c9a144bd13bb919f
SSDEEP: 3072:u3Y544EvKHeekQJdP/tV7j3Sl3450GxPQukYk1uRDeBd/+8/Wmloq:549gdPl/x4/YuuRDeBH
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 28418d56643dc7cd4e8c5f470b414e78_JaffaCakes118
Files
28418d56643dc7cd4e8c5f470b414e78_JaffaCakes118.exe windows:4 windows x86 arch:x86
b593b70147b9427e621a8390ca8472c0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
GetTextExtentPointA
GetDeviceCaps
GetTextMetricsA
SelectObject
DeleteObject
CreateFontIndirectA
kernel32
GetCPInfoExW
LocalAlloc
LCMapStringW
GetProcAddress
GetModuleHandleA
GetLastError
DeleteCriticalSection
LCMapStringA
LocalFree
EnumResourceTypesA
SetStdHandle
InitializeCriticalSection
GetLongPathNameW
LeaveCriticalSection
GetSystemInfo
LoadLibraryA
EnterCriticalSection
GetStringTypeA
newdev
UpdateDriverForPlugAndPlayDevicesW
ole32
OleSave
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
Sections
.text Size: 99KB - Virtual size: 99KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 1012B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 65KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ