Static task
static1
Behavioral task
behavioral1
Sample
ae938a6990813c1da3992c9906187daa_JaffaCakes118.exe
Resource
win7-20240729-en
General
Target
ae938a6990813c1da3992c9906187daa_JaffaCakes118
Size
172KB
MD5
ae938a6990813c1da3992c9906187daa
SHA1
6efd417d19c805eaa7b30c9796e7215543a244b5
SHA256
c212b5388849aead12504aa7b2c7723f16b5dbb27601ea94c224c8159520e69d
SHA512
bb62176571946a95647d0bc90cbd22fec585910e30702c8dc34f8c65f71fa0beefceb23a7c5532b65f774e77170020164f5cff12c9402f1c813a9c0f94d94692
SSDEEP
3072:8mdWbsjZjpCkgxp5cEQ8WWPnUbddcNClAD6dEGpllvPaB+1TTBemPhZVUYN:7PjKkgH6EQ8ZnUbddcwK6dEGX9C0/TfL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ae938a6990813c1da3992c9906187daa_JaffaCakes118
Files
ae938a6990813c1da3992c9906187daa_JaffaCakes118.exe windows:4 windows x86 arch:x86
bd32da262b61cff6271da3b0c933d31f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
OleSave
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoTaskMemRealloc
kernel32
GetLastError
GetCPInfoExW
SetStdHandle
GetProcAddress
LCMapStringW
DeleteCriticalSection
LocalFree
EnterCriticalSection
GetSystemInfo
LCMapStringA
EnumResourceTypesA
LocalAlloc
GetModuleHandleA
GetLongPathNameW
InitializeCriticalSection
LoadLibraryA
LeaveCriticalSection
GetStringTypeA
newdev
UpdateDriverForPlugAndPlayDevicesW
gdi32
GetTextMetricsA
GetTextExtentPointA
SelectObject
DeleteObject
GetDeviceCaps
CreateFontIndirectA
Sections
.text Size: 98KB - Virtual size: 98KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 1012B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 70KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 252KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ