c268992cc8870b49e0e7a06952126879_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c268992cc8870b49e0e7a06952126879_JaffaCakes118
Size

275KB
MD5

c268992cc8870b49e0e7a06952126879
SHA1

72ac31d3a3cd205d3464de17a2f1a4e53aeef65d
SHA256

76c9f790576862d2f00bb630a5abf5f68329299715292e2de757954d0de53846
SHA512

fd61d68ffa53b68b1d1be55c721eb6c81a4395d600ee1e06eea57229a9b80d79cb3e8a53a009caa571abb0fde695d09bae2a346b4a264a18d10175f791dc4da0
SSDEEP

6144:bPZU2gxoFofER2U0b3cvcEMDfQQu8jGNorlzlXykL4HY8Oe:bRUNKofERV0rfjjrlzQkL4H9Oe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c268992cc8870b49e0e7a06952126879_JaffaCakes118

Files

c268992cc8870b49e0e7a06952126879_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3f76233b9d452b0aa3c9e439d4bb88e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDBCSLeadByte
ReadFile
GlobalGetAtomNameW
GlobalHandle
lstrlenA
SetFilePointer
FindNextFileA
EnumResourceLanguagesW
GetCurrentThreadId
EnumResourceTypesA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemDirectoryW
WideCharToMultiByte
GetModuleHandleA
WriteFile
FindFirstFileA
FindClose

oleacc

LresultFromObject
CreateStdAccessibleProxyA

newdev

UpdateDriverForPlugAndPlayDevicesA

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ