66055b7e0009f926b0146cc2fdb91faf_JaffaCakes118 | Triage

Sharing

General

Target

66055b7e0009f926b0146cc2fdb91faf_JaffaCakes118
Size

277KB
MD5

66055b7e0009f926b0146cc2fdb91faf
SHA1

9b5e583cbb75c67d1101cb6a9091eede6235c2ec
SHA256

eda31311b07383d40cc2c503767352929ad9e727dbab4d4746c55f41645165ca
SHA512

c307ca4d1cff7a5948a99063f763258d40dbf0d073527c2c59df6c920e7d142f2563adb710944b27f8decb5aa2e09e2c158c5ba999012befb117bcdfc256851f
SSDEEP

6144:mFAgrlryv64mSmW6yIgOeOoq5UO1jttTonsX/zU02UEhzRYvet:m2OrS9mZ3X5VoOUOd/zLxEhNIA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66055b7e0009f926b0146cc2fdb91faf_JaffaCakes118

Files

66055b7e0009f926b0146cc2fdb91faf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

052d7e82be31949bba5d2cb568bc2189

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCmpNIA
StrStrA

shell32

SHGetFolderPathW

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

AddAtomA
WriteFile
GetStartupInfoA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
FreeEnvironmentStringsW
EnumResourceLanguagesW
GetOEMCP
GetPrivateProfileStructW
UnhandledExceptionFilter
GetCPInfo
SetUnhandledExceptionFilter

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

iphlpapi

GetIpAddrTable

Sections

.text
Size: 136KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ