ae2a80da7ba214077433ee9ad80053a9_JaffaCakes118 | Triage

Sharing

General

Target

ae2a80da7ba214077433ee9ad80053a9_JaffaCakes118
Size

273KB
MD5

ae2a80da7ba214077433ee9ad80053a9
SHA1

f3a66cef216f377a92de592b6d41da36c508237a
SHA256

52614c8f636b04adfe15839860e410d6a8cf22d24992f5cbee8d07b26e64e7f3
SHA512

b4fdf154a769bf406248fb1cc95aa6f72ccf10fb15a98faef22d254ffe920e7796bb45657f1877970d30dd9e3a28df75f7a1454f080444c481d406aa500c74c6
SSDEEP

6144:V2Tv3TUTABO/GK3/i489wxYzuVkDd0DWk+bMrCZO/nF4nmIEnTA:V2TPXB1A/lLxgWR+bv0nundEnTA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae2a80da7ba214077433ee9ad80053a9_JaffaCakes118

Files

ae2a80da7ba214077433ee9ad80053a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b17adb0d4d243789480c999cfeddd4a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

InitializeCriticalSection
AddAtomW
InterlockedDecrement
FlushFileBuffers
GetLastError
EnterCriticalSection
LCMapStringW
IsBadCodePtr
LCMapStringA
SetStdHandle
LeaveCriticalSection
HeapAlloc
EnumResourceNamesA
GetModuleHandleA
FlushInstructionCache
DeleteCriticalSection
CloseHandle
InterlockedIncrement
LoadLibraryExA
SetFilePointer
RegisterWaitForSingleObject
GetSystemTimeAsFileTime
GetStringTypeA
RaiseException
GetCurrentThreadId
GetCurrentProcess
GetStringTypeW
GetCurrentProcessId
IsBadReadPtr
SizeofResource

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCloneImage

gdi32

CreateFontIndirectA

shell32

Shell_NotifyIconA

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ