Static task: static1
Behavioral task: behavioral1
  Sample: 6fb1d740f2de13625882baf2092535ba_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 6fb1d740f2de13625882baf2092535ba_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
  Target: 6fb1d740f2de13625882baf2092535ba_JaffaCakes118
  Size: 164KB
  MD5: 6fb1d740f2de13625882baf2092535ba
  SHA1: 19a85d83e34894f3b6252fd520a255278a5bc4e9
  SHA256: 3f7ef6f3d40b3ecb925514f366e715b664a8c169c1f3a0f35b548f80ad129a26
  SHA512: cb41eb2aee3fbb4adb13d59b81e7f1ec738663dfcb6459a90e5557bd3a8b0990ace8b1564440ef74f2281c2d162908701385047e8e83d1e106f0e8806c385ad5
  SSDEEP: 3072:UtQI+5vBiLo6cfa6dzKeJWEccAVJD4DEll1kNtbNHxnzp15ed/GshP6:bI+riNCa6dzKSWjcAVyIOHzwd/Gai
Malware Config
Signatures
  Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
    resource: 6fb1d740f2de13625882baf2092535ba_JaffaCakes118
Files
  6fb1d740f2de13625882baf2092535ba_JaffaCakes118.exe windows:4 windows x86 arch:x86
  a298177a8ae3d459bdfe2a72b6895d84
Headers
  File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
  kernel32: WriteFile, HeapAlloc, GetAtomNameA, OpenEventA, GetEnvironmentVariableA, SetFilePointer, LocalFree, GetCurrentProcessId, HeapFree, SystemTimeToFileTime, GetProcAddress, ResetEvent, CreateThread, VirtualFree, SetEvent, GetCurrentProcess, EnumResourceTypesW, GetTickCount, GetSystemDirectoryW, GetTempPathA, LoadLibraryA, CompareFileTime, SystemTimeToTzSpecificLocalTime, Sleep, GetSystemTime, GetSystemInfo, CreatePipe
  newdev: UpdateDriverForPlugAndPlayDevicesW
  oleacc: LresultFromObject, CreateStdAccessibleObject, CreateStdAccessibleProxyW
Sections
  .text Size: 78KB - Virtual size: 77KB
    IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .rdata Size: 1024B - Virtual size: 400KB
    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .data Size: 84KB - Virtual size: 83KB
    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .rsrc Size: 512B - Virtual size: 4KB
    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ