Static task: static1
Behavioral task: behavioral1
  Sample: daffc82161a114b4c57979b3449e43f4_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: daffc82161a114b4c57979b3449e43f4_JaffaCakes118.exe
  Resource: win10v2004-20240910-en
General
  Target: daffc82161a114b4c57979b3449e43f4_JaffaCakes118
  Size: 165KB
  MD5: daffc82161a114b4c57979b3449e43f4
  SHA1: 44964461ad1e9af38aa6dbdd54c389896ac9509e
  SHA256: d1426d6a11efcfa679441511cec936ddf7983b0543406b8fab414be1a78f9a4b
  SHA512: e675ede53a3968694eb20690b6608ab1faab23686b828518e2424a9d2a1795df7544e01ed87967b98f0f77a9d64f1156d0151f1ca99c8526992770a43d285ae5
  SSDEEP: 3072:8DjgibBbMqbvnW8waoQNInowL4AIl8doKkGS1c4ZB53r2vUb:YtbvlwaZagx4oJlnNQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource daffc82161a114b4c57979b3449e43f4_JaffaCakes118
Files
daffc82161a114b4c57979b3449e43f4_JaffaCakes118.exe windows:4 windows x86 arch:x86
6187bc32edeadd6d5d59e438a3f280d6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
  kernel32
    WriteFile
    GetProcAddress
    GetAtomNameA
    GetTempPathA
    CompareFileTime
    ResetEvent
    CreateThread
    GetSystemTime
    SetFilePointer
    VirtualFree
    OpenEventA
    GetTickCount
    SystemTimeToFileTime
    GetCurrentProcessId
    Sleep
    EnumResourceTypesW
    SystemTimeToTzSpecificLocalTime
    SetEvent
    GetSystemDirectoryW
    HeapFree
    LocalFree
    GetEnvironmentVariableA
    LoadLibraryA
    GetSystemInfo
    HeapAlloc
    GetCurrentProcess
    CreatePipe
  newdev
    UpdateDriverForPlugAndPlayDevicesW
  oleacc
    LresultFromObject
    CreateStdAccessibleObject
    CreateStdAccessibleProxyW
Sections
  .text Size: 82KB - Virtual size: 82KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .rdata Size: 1024B - Virtual size: 400KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
  .data Size: 80KB - Virtual size: 79KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .rsrc Size: 512B - Virtual size: 4KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ