4b13ea9bf985dadc891f8ac922a935d2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b13ea9bf985dadc891f8ac922a935d2_JaffaCakes118
Size

178KB
MD5

4b13ea9bf985dadc891f8ac922a935d2
SHA1

64ca419fa596ab6b0604b9a8f317c29607c15be5
SHA256

947e8b2d5c96b5ff62e0e04e552a35e9598e5c2a9bacc2f09bed713d4218e892
SHA512

f6b451fabb2cc3cb5142988c11eef3c0e9f9df10bd2ce2d1bb1c7329deb3baccd448b8b474f035aef45e036c4dbb79f8328adbdc5fb0df2ca76ff847d600bad4
SSDEEP

3072:pBWiHPGlH15ZZQzn7/0JEA5heWDekMOm0kSAtOpGsNRdyLEoYfp2qGV5SUrI:uiHPUHYz7/0V5h5DeFxTsNnyLEoapcDk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b13ea9bf985dadc891f8ac922a935d2_JaffaCakes118

Files

4b13ea9bf985dadc891f8ac922a935d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

86f8f179c45a89933c65880576d2260d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashA

setupapi

InstallCatalog
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

GetAtomNameW
GetFileAttributesW
GetProfileStringA
FindResourceExW
FlushFileBuffers
SearchPathA
LockFile
GetUserDefaultLangID
UnlockFile
EnumResourceNamesA
SetEndOfFile
GetVolumeInformationA
IsDBCSLeadByte
GetFileTime
TzSpecificLocalTimeToSystemTime
GetVersionExA
GetFileType
FileTimeToLocalFileTime
CompareStringA
FileTimeToSystemTime
GetSystemDirectoryA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ