954e56c9c34a17f4aaf472d0424b9975_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

954e56c9c34a17f4aaf472d0424b9975_JaffaCakes118
Size

187KB
MD5

954e56c9c34a17f4aaf472d0424b9975
SHA1

a519fd7d015e5162889299cd986db884e233dddc
SHA256

a92008c85366d12a42977bbdd2c162fb21cd9bce7e71f12275644d39669c5e98
SHA512

278f36940b3f8c7f60f5756c68fbc94d0f3287c6de570f3bd1f8bdeadb6604635ab3f7875c63ea884c3c2c60137a6a5d4dc17f9771ed4fa6575f8f25a484dc09
SSDEEP

3072:V1lWJQZ8GGPXAYCc7IzAV0ZxIFAgOL05tkNBwsygdw8U1KnwYZMdzR:V1yjRCzsUxIySkq8BnwfR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
954e56c9c34a17f4aaf472d0424b9975_JaffaCakes118

Files

954e56c9c34a17f4aaf472d0424b9975_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc667bbe8d447bf23acef178b6384d68

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateFontIndirectA

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

shell32

Shell_NotifyIconA

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCloneImage

kernel32

AddAtomW
LoadLibraryExA
LCMapStringA
GetStringTypeA
GetCurrentProcessId
IsBadReadPtr
FlushFileBuffers
InitializeCriticalSection
SetFilePointer
DeleteCriticalSection
GetLastError
FlushInstructionCache
CloseHandle
HeapAlloc
GetCurrentThreadId
InterlockedIncrement
EnumResourceNamesA
GetSystemTimeAsFileTime
RegisterWaitForSingleObject
GetCurrentProcess
LCMapStringW
LeaveCriticalSection
InterlockedDecrement
GetStringTypeW
EnterCriticalSection
RaiseException
SetStdHandle
IsBadCodePtr
GetModuleHandleA
SizeofResource

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ