Static task: static1
Behavioral task: behavioral1
Sample: d67b67c0b905eb66a4db8029b20747f6_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d67b67c0b905eb66a4db8029b20747f6_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: d67b67c0b905eb66a4db8029b20747f6_JaffaCakes118
Size: 175KB
MD5: d67b67c0b905eb66a4db8029b20747f6
SHA1: 6854f0ea93f1c53eb7e0536414e28962b62cce51
SHA256: d887c11c5733be3917303ed124f8d4a7554d7063ece86867f1e698d01fe5e666
SHA512: 63de69887d7d2add88350772f4611f4ea270cc8b71e8490a48f04a57053bfe9d959ac949d7e53e939d9d8acb95725bba80e4eeca7a066ee50476f139df444b7d
SSDEEP: 3072:fXEa2PyGBGWBFzl8pW7uKLK6abJhz9KAN/4RPoXOKl9ZLz6LgICVa:8a+yGBlzipn+KH3lNwRqIC4
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d67b67c0b905eb66a4db8029b20747f6_JaffaCakes118
Files
d67b67c0b905eb66a4db8029b20747f6_JaffaCakes118.exe windows:4 windows x86 arch:x86
ff27bcbf99ff6902176ad18d9f489cbf
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
newdev
UpdateDriverForPlugAndPlayDevicesW
kernel32
GetCPInfoExW
LCMapStringW
LocalAlloc
GetModuleHandleA
LeaveCriticalSection
SetStdHandle
LoadLibraryA
GetProcAddress
GetLastError
LCMapStringA
EnumResourceTypesA
InitializeCriticalSection
GetLogicalDriveStringsA
DeleteCriticalSection
GetSystemInfo
EnterCriticalSection
LocalFree
GetStringTypeA
gdi32
GetDeviceCaps
GetTextExtentPointA
SelectObject
GetTextMetricsA
DeleteObject
CreateFontIndirectA
ole32
OleSave
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc
Sections
.text Size: 103KB - Virtual size: 102KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 1020B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 384KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ