888be59bf2067b8c74b82d583ab035a5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

888be59bf2067b8c74b82d583ab035a5_JaffaCakes118
Size

165KB
MD5

888be59bf2067b8c74b82d583ab035a5
SHA1

74d19c3c9bb9ecdd67ce366d0d9ceeb782fbfda5
SHA256

bbf3058629fbafe4e31a336cc3876b8295d7ad79ba63feefd1e16c6090020010
SHA512

c0db69a1ce30c40698d16ebf4950bebe15785518e819cd02588cd2806ddb0f033be9ed394fc3fb5c2d9a5f92aae63d705f222ade49cf0ef8692cac5336639632
SSDEEP

3072:W9qzc9dOGGvVtmy+QBFTzb/AgUlF03zdaHjFbTO+pTG9HQYrdf6f1v2kh:W9qGdOpVtmcXzb4/wdaRHT2wYxyf1fh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
888be59bf2067b8c74b82d583ab035a5_JaffaCakes118

Files

888be59bf2067b8c74b82d583ab035a5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b496e9ec980bd99a7ffd6bd5f7f00142

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BaseFlushAppcompatCache
GetSystemInfo
SetLastError
VirtualAlloc
TlsFree
GetSystemTimeAsFileTime
VirtualQuery
SetEndOfFile
IsBadWritePtr
HeapDestroy
EnumResourceTypesA
HeapCreate
InterlockedExchange
CreateMailslotW
VirtualFree
TlsAlloc
GetACP
GetLocaleInfoA

newdev

UpdateDriverForPlugAndPlayDevicesA

oleacc

AccessibleChildren
CreateStdAccessibleProxyA

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ