db09bec4a3906988258a7658bf7f284a_JaffaCakes118 | Triage

Sharing

General

Target

db09bec4a3906988258a7658bf7f284a_JaffaCakes118
Size

180KB
MD5

db09bec4a3906988258a7658bf7f284a
SHA1

e935aca797a5b232f89725c4b47b1be666c45da2
SHA256

b20e69b55f28b8d03bc30dfd1e63a14efa1f6afd48cb9469648d9e76b5d919ca
SHA512

9a3ad642e567c0de344634a490f9bbe7b55429b829020608277b2988187e7f8efeaab50cd50156535a24f3a31edf3392a62c3c4092587c6a936b7188dd93a6af
SSDEEP

3072:eDBKlv5W3I08sNYrCojxR+AuA9FU18UPPoFFWIiJu0A2OB3Massjnw:MBD3I0XNCCLA908eEWIb0JK3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db09bec4a3906988258a7658bf7f284a_JaffaCakes118

Files

db09bec4a3906988258a7658bf7f284a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f028bb42c77c6cd3ecd04de345958bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddLocalAlternateComputerNameA
EnumResourceLanguagesW
SetFilePointer
IsDBCSLeadByte
GetModuleHandleA
GlobalHandle
GetCurrentProcessId
QueryPerformanceCounter
FindNextFileA
lstrlenA
EnumResourceTypesW
ReadFile
CreateMailslotA
WideCharToMultiByte
FindFirstFileA
GetCurrentThreadId
WriteFile
FindClose

newdev

UpdateDriverForPlugAndPlayDevicesA

oleacc

AccessibleChildren
CreateStdAccessibleProxyW

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ