d13e98dacaf32c0078692be104ae89ab_JaffaCakes118 | Triage

Sharing

General

Target

d13e98dacaf32c0078692be104ae89ab_JaffaCakes118
Size

275KB
MD5

d13e98dacaf32c0078692be104ae89ab
SHA1

93f98d1995625c39d887180e585e50a1a90f8cd9
SHA256

2bc14e7cf691d033e0f7411d146ffbb8a7ed13f193330097f4cffac509cf2047
SHA512

508a6223b047d1d95ddb4c0e8e070c4d30a00c4d37b91e6f01b1b43d92c91b2768e34eef53f4fc117743f61f8383730b38d715008f341afd054fae1bf13a6030
SSDEEP

6144:WG/jt2hYYHUFJNKxA6dOR7CjcA09ehuKd+OjmDO4O+10Ucw:WCQh8ToKXYDfNkOjmDO4Qxw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d13e98dacaf32c0078692be104ae89ab_JaffaCakes118

Files

d13e98dacaf32c0078692be104ae89ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7e4f89c5b3d16fee40de5725b4985e22

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
AddLocalAlternateComputerNameA
GetModuleHandleA
GetCurrentThreadId
WideCharToMultiByte
FindFirstFileA
lstrlenA
IsDBCSLeadByte
WriteFile
EnumResourceTypesW
FindNextFileA
GetCurrentProcessId
CreateMailslotW
EnumResourceLanguagesW
GlobalHandle
QueryPerformanceCounter
ReadFile
FindClose

newdev

UpdateDriverForPlugAndPlayDevicesA

oleacc

AccessibleChildren
CreateStdAccessibleProxyW

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ