4d1ed03aa98589771cd225b96e156863_JaffaCakes118 | Triage

Sharing

General

Target

4d1ed03aa98589771cd225b96e156863_JaffaCakes118
Size

165KB
MD5

4d1ed03aa98589771cd225b96e156863
SHA1

0e6de60e36d7bb1a005d7f746898c1bc97dd2f17
SHA256

c87a33fdf7904a1852c9e89a792e46d85f1e45d9b9825e0cd33aa21f0f2a6afa
SHA512

922397a1890a4b26057fa342cfb9097ab3a366e26c196f8a578b8d56ff259fcc77fb7bf4afb651bc03e21f603d325af489852ca7b71e908df967738f37b0d815
SSDEEP

3072:9mdi9yWdWEQeKrBNFrq4wKdo9dCos+vPJf/63ASrIcZAl4fb0PGWrxJ/:N9y8urTJq4DdoDC8nNK8c1bub

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d1ed03aa98589771cd225b96e156863_JaffaCakes118

Files

4d1ed03aa98589771cd225b96e156863_JaffaCakes118
.exe windows:4 windows x86 arch:x86

195da77f3fd39f5aff7b0cbc181a39f7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameW
SetFilePointer
FindNextFileA
IsDBCSLeadByte
GetModuleHandleA
WriteFile
GetCurrentProcessId
QueryPerformanceCounter
GetCurrentThreadId
EnumResourceTypesA
ReadFile
FindFirstFileA
EnumResourceLanguagesW
GetSystemDirectoryW
lstrlenA
WideCharToMultiByte
GlobalHandle
FindClose

oleacc

LresultFromObject
CreateStdAccessibleProxyA

newdev

UpdateDriverForPlugAndPlayDevicesA

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ