5a94b022379548cbf0be6e20e3244761_JaffaCakes118 | Triage

Sharing

General

Target

5a94b022379548cbf0be6e20e3244761_JaffaCakes118
Size

178KB
MD5

5a94b022379548cbf0be6e20e3244761
SHA1

def9deaddfba817f0c711237aad1e99a2e47dc23
SHA256

26822497b41b165a18f36d536bd9a0e780804a075dfa6ba9d3e08a94b5e1f50a
SHA512

437abe255f7e87b12200505c3578151195b7d4dec2f7025c0111eb8dd6433589175b92f5100686590e5ae6a536ea853174a9d57e1db746dd55f4deb266f40c16
SSDEEP

3072:ruqdX4DmkM9L/aZBS2nCo7kl4FB7YfMMbP4qubhr:SqdX4DmRL/WKoygkf1P4qYr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a94b022379548cbf0be6e20e3244761_JaffaCakes118

Files

5a94b022379548cbf0be6e20e3244761_JaffaCakes118
.exe windows:4 windows x86 arch:x86

960c250343dd7bad1944fe042b4c1000

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalHandle
SetFilePointer
GlobalGetAtomNameW
GetModuleHandleA
GetCurrentThreadId
FindNextFileA
WideCharToMultiByte
EnumResourceLanguagesW
IsDBCSLeadByte
FindFirstFileA
EnumResourceTypesA
lstrlenA
GetCurrentProcessId
GetSystemDirectoryW
WriteFile
ReadFile
QueryPerformanceCounter
FindClose

oleacc

LresultFromObject
CreateStdAccessibleProxyA

newdev

UpdateDriverForPlugAndPlayDevicesA

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ