Static task
static1
Behavioral task
behavioral1
Sample
840179c27fafc2819ff3bf643be44f49_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
840179c27fafc2819ff3bf643be44f49_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: 840179c27fafc2819ff3bf643be44f49_JaffaCakes118
Size: 177KB
MD5: 840179c27fafc2819ff3bf643be44f49
SHA1: 54b1efc1e19aa315c1b3d5513eb179d27216fad7
SHA256: 11149d26ee7217bb96766b38f98126dd7889101dfbe6175c8361da7a262c0a7f
SHA512: b72cdb6e460d65ff1ebce39a6c4270d7608b89b9a8af11dac1faea656f3e0e0c0663a3bcb5063b121c782b3041b70d5d8654c650b48ed3e220971dc25cae4846
SSDEEP: 3072:3mRBQ+r5NBMBLcXyj5Ingr7bRti8pBvsRWi9nekl45yPKjdJZiwc7qvWXC:3U5M2XBM7dBvs9n8EgZiB7qvWXC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 840179c27fafc2819ff3bf643be44f49_JaffaCakes118
Files
840179c27fafc2819ff3bf643be44f49_JaffaCakes118.exe windows:4 windows x86 arch:x86
4242914460c558c53f5b135dd6ff51d1
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
OleSave
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
newdev
UpdateDriverForPlugAndPlayDevicesW
kernel32
GetCPInfoExW
DeleteCriticalSection
GetSystemInfo
EnterCriticalSection
GetProcAddress
GetModuleHandleA
SetStdHandle
LCMapStringA
LoadLibraryA
EnumResourceTypesA
LocalFree
LCMapStringW
LocalAlloc
GetLogicalDriveStringsW
LeaveCriticalSection
GetLastError
InitializeCriticalSection
GetStringTypeA
gdi32
GetTextExtentPointA
DeleteObject
GetTextMetricsA
GetDeviceCaps
SelectObject
CreateFontIndirectA
Sections
.text Size: 103KB - Virtual size: 102KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 1020B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 71KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 252KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ