Static task
static1
Behavioral task
behavioral1
Sample
4b869edd8bc21af8cd3a0379ac103027_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
4b869edd8bc21af8cd3a0379ac103027_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target: 4b869edd8bc21af8cd3a0379ac103027_JaffaCakes118
Size: 164KB
MD5: 4b869edd8bc21af8cd3a0379ac103027
SHA1: 5d80e7f7c89c40b292551bea82f71a6152f3abb7
SHA256: 071f3bd558e87ad7b18291a89fdfe4297e02098e91333b70e547fbc2adbe29e5
SHA512: 01683fa5cc1166b262b17ba5528f7eaa7fc077bea6880a876fa90ea4055389d5135a5825e39746302ce736267cfc3db37bb2c6fa338c7c53a7a2bb022e596b56
SSDEEP: 3072:WL/rLSmLeQpsNJyM0rKyMVNWXAqmyOUD2R/d3yBS2Uc0aEhau7J:oRLFKL0rKxfumh1R/dCBS2f0J
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4b869edd8bc21af8cd3a0379ac103027_JaffaCakes118
Files
4b869edd8bc21af8cd3a0379ac103027_JaffaCakes118.exe windows:4 windows x86 arch:x86
bd85517f9c330ff5d4bac9e60e8575dc
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ResetEvent
LoadLibraryA
GetAtomNameA
Sleep
GetProcAddress
HeapFree
WriteFile
GetSystemInfo
CreateThread
OpenEventA
GetTickCount
SetEvent
LocalFree
SetFilePointer
SystemTimeToTzSpecificLocalTime
EnumResourceTypesW
GetCurrentProcess
HeapAlloc
CompareFileTime
GetTempPathA
VirtualFree
GetSystemDirectoryW
GetEnvironmentVariableA
GetCurrentProcessId
SystemTimeToFileTime
GetSystemTime
CreatePipe
oleacc
LresultFromObject
CreateStdAccessibleObject
CreateStdAccessibleProxyW
newdev
UpdateDriverForPlugAndPlayDevicesW
Sections
.text Size: 81KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 400KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 81KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ