Static task: static1
Behavioral task: behavioral1
Sample: a5cef3835185aeb9ab243eff8c628b08_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: a5cef3835185aeb9ab243eff8c628b08_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: a5cef3835185aeb9ab243eff8c628b08_JaffaCakes118
Size: 178KB
MD5: a5cef3835185aeb9ab243eff8c628b08
SHA1: a8ab20f7e6a8db5f42406b2d72c2da313bc85db3
SHA256: 19a58f9870ff5f4d4d4cc40efeeedfd1b0ad50cd9c0d539bb388d9aaa3a8bc66
SHA512: bb80dd94b0394c04aadbe43df5058534a232e101f9f5662259f9fd0620dbe8d827b397e1a957d00b6212ad6ce5db422d7f6b8eda851fe64a0479c59dfc70d22f
SSDEEP: 3072:E1BVEYwLa60O/9hwpPPgx3sAOgjKIGauTh8ePrImZVi5+YGq7UUR:GB3lOlhw1g9sAOI9GNZtViSqzR
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a5cef3835185aeb9ab243eff8c628b08_JaffaCakes118
Files
a5cef3835185aeb9ab243eff8c628b08_JaffaCakes118.exe windows:4 windows x86 arch:x86
a49602ef5e56e81f454649faa2df3262
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
rpcrt4
NdrByteCountPointerFree
UuidCreate
newdev
UpdateDriverForPlugAndPlayDevicesW
kernel32
DuplicateHandle
TlsSetValue
FlushInstructionCache
GlobalAlloc
GetVersionExW
GetCurrentThreadId
GetThreadContext
GlobalFree
GetLastError
WriteProcessMemory
ExitProcess
CreateFileW
SetLocaleInfoW
GetCurrentProcess
GlobalLock
VirtualProtectEx
WaitForSingleObject
GlobalUnlock
SetLastError
GetTempPathW
shlwapi
PathRemoveFileSpecW
PathAppendW
PathCombineW
SHGetValueW
PathFileExistsW
winmm
timeEndPeriod
Sections
.text Size: 108KB - Virtual size: 108KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 976B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 67KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ