Static task
static1
Behavioral task
behavioral1
Sample
bec5c46ef378967eb0aa231b879dc86f_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
bec5c46ef378967eb0aa231b879dc86f_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
bec5c46ef378967eb0aa231b879dc86f_JaffaCakes118
Size
271KB
MD5
bec5c46ef378967eb0aa231b879dc86f
SHA1
9cc097f9a290df996822c400a21a6ef9f9bb317e
SHA256
ecca267bdeacfc3cdc3c2076afb69e487b169e606a2d297f5bf35e0aeaa67ef8
SHA512
1507288c1f6d4ace3fa0263004c42dc47dbae1474f07ddd3fc65c46fb691ceb899d7fb4edb4f0f9ae37c46a11cdcf9db49fc9a5df0a87fa7ce079c458efcb188
SSDEEP
6144:YBXDzu4ZcYVEz9WC+f5BTpqxOv6qUlL4f:YlDzPEz9WC+fLdqlqUlLk
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bec5c46ef378967eb0aa231b879dc86f_JaffaCakes118
Files
bec5c46ef378967eb0aa231b879dc86f_JaffaCakes118.exe windows:4 windows x86 arch:x86
27705716cee044cd8f06a9a702ef1aba
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FreeLibrary
FindFirstFileW
InitializeCriticalSection
GetAtomNameA
GetVersionExW
GetVersionExA
FindClose
GetTickCount
MultiByteToWideChar
DeleteCriticalSection
GetModuleHandleW
GetProcAddress
MulDiv
EnumResourceTypesW
Sleep
lstrlenW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
LockResource
LoadLibraryW
GetSystemDirectoryW
GetModuleFileNameW
LoadResource
GlobalSize
LoadLibraryA
GetLocaleInfoW
oleacc
LresultFromObject
CreateStdAccessibleObject
CreateStdAccessibleProxyW
newdev
UpdateDriverForPlugAndPlayDevicesW
Sections
.text Size: 120KB - Virtual size: 119KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 149KB - Virtual size: 148KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ