Static task
static1
Behavioral task
behavioral1
Sample
b56a4e0a75045b8d96d0c0f5c56005c2_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
b56a4e0a75045b8d96d0c0f5c56005c2_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
b56a4e0a75045b8d96d0c0f5c56005c2_JaffaCakes118
Size
182KB
MD5
b56a4e0a75045b8d96d0c0f5c56005c2
SHA1
ecfb07c15c107b2d1c978552a731211464a72020
SHA256
43b6fa9bd2d42586a61ac595c617e2900c7b2233fe6f942c7255b6a1f5871c3f
SHA512
8c65cda2a214362b7c1f2b11c351b684a555eea80d87a7f2579c0d6cf3dca39ecc5b4aa76497c9749c02f806f61939e03b3c05167bf2533270ccc16ea34985c2
SSDEEP
3072:zRbO6FIi/opCs0F/m1IdjNXATiK5qGkqs5ykl8GUXMT:zR7FIF0k1INqT3nkLFTk
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b56a4e0a75045b8d96d0c0f5c56005c2_JaffaCakes118
Files
b56a4e0a75045b8d96d0c0f5c56005c2_JaffaCakes118.exe windows:4 windows x86 arch:x86
670daa14debacb91ba616ff2a0525032
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
rpcrt4
NdrByteCountPointerFree
UuidCreate
kernel32
GetLastError
FlushInstructionCache
GlobalAlloc
GlobalUnlock
GetThreadContext
GlobalFree
DuplicateHandle
VirtualProtectEx
ExitProcess
GetVersionExW
WaitForSingleObject
SetLastError
SetLocaleInfoW
WriteProcessMemory
GetCurrentProcess
TlsSetValue
GlobalLock
CreateFileW
GetCurrentThreadId
GetTempPathW
newdev
UpdateDriverForPlugAndPlayDevicesW
winmm
timeEndPeriod
shlwapi
PathCombineW
PathRemoveFileSpecW
PathAppendW
SHGetValueW
PathFileExistsW
Sections
.text Size: 109KB - Virtual size: 108KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 976B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 70KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 384KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ