337263991f3d2f811ed5d0b2a1c12906_JaffaCakes118 | Triage

Sharing

General

Target

337263991f3d2f811ed5d0b2a1c12906_JaffaCakes118
Size

280KB
MD5

337263991f3d2f811ed5d0b2a1c12906
SHA1

0985f2a17b5f482d6e3451e1ed14ccd3e8d374b2
SHA256

6889702c8ade01ecc81ba89be14dc6fa8de792edda5037b6e1f2e1d08aba4199
SHA512

d6c21bef2604904f9b47855882c7a3fd5b6ad9f1fcfd2ef97a055ce94c8f8976c922ebcb92ee5a7adddb4e17cff08220eaf5a3715d99b3367a8f6c74e61379c6
SSDEEP

6144:QlGPmnnK7bTiTVy9VlnQ/ecLOIf4l1V2YjHhvou01sIxRqTOyqhUfX:QlAmnMbTixWPQWcLqjVI1RKTOyq2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
337263991f3d2f811ed5d0b2a1c12906_JaffaCakes118

Files

337263991f3d2f811ed5d0b2a1c12906_JaffaCakes118
.exe windows:4 windows x86 arch:x86

43880345ea957b611ed0ffd550088e0d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

LoadLibraryW
GetSystemDefaultLCID
UnlockFile
SetFilePointer
GetModuleFileNameW
GlobalReAlloc
GetModuleHandleA
AddAtomA
ReadFile
WriteFile
FindClose
DeleteFileW
FindFirstFileW
GetVolumeInformationW
GetProcAddress
GetFileSize
GetCurrentDirectoryW
GlobalSize
IsDBCSLeadByte
GetDriveTypeW
WinExec
GetACP
SetFileAttributesW
EnumResourceNamesW
GetVersion
CloseHandle
GetModuleHandleW
MoveFileW
GlobalFree
FindActCtxSectionStringW
LockFile
GlobalUnlock
lstrlenW
SetLastError
IsDBCSLeadByteEx
FindNextFileW
SetFileTime
GetFileTime
GetVersionExW
GlobalAlloc
SearchPathW
GetFileAttributesW
OutputDebugStringA
GetLastError

Sections

.text
Size: 151KB - Virtual size: 286KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ