b9f27b62103462d60a22a35e1b0840ef_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9f27b62103462d60a22a35e1b0840ef_JaffaCakes118
Size

178KB
MD5

b9f27b62103462d60a22a35e1b0840ef
SHA1

83349182ef5a8dbc401cf762d778bcf3a0791492
SHA256

2f33750492e48b1c73f78a40c31f1e70c7a1a2492c36d4f489193903ee42446d
SHA512

1a5c116e834ee46dac0d9864df05c516fb4aa318896493607d02bf0f692696cc6385a5f14ec637bfb11be763915703e1bd9286e81aca8826088f0c15722ab10c
SSDEEP

3072:dCzHCUptHnExPQTATyaUujLrY8WGgfe/fVzlotiveqy5V76fW4iV8WKHxmFGVS:dCzHCUfH/wYuj/Ypfkzl2eexBEa8BxmF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9f27b62103462d60a22a35e1b0840ef_JaffaCakes118

Files

b9f27b62103462d60a22a35e1b0840ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

537218b33b002200c144386d77ff51fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextMetricsA
GetDeviceCaps
DeleteObject
SelectObject
GetTextExtentPointA
CreateFontIndirectA

ole32

OleSave
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc

kernel32

GetCPInfoExA
LocalFree
LoadLibraryA
EnterCriticalSection
LocalAlloc
GetSystemInfo
LCMapStringW
SetStdHandle
GetProcAddress
LeaveCriticalSection
EnumResourceTypesA
GetLastError
LCMapStringA
GetLongPathNameW
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
GetStringTypeA

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ