e2a78df6def32e017060a77a1f29aa7f_JaffaCakes118 | Triage

Sharing

General

Target

e2a78df6def32e017060a77a1f29aa7f_JaffaCakes118
Size

279KB
MD5

e2a78df6def32e017060a77a1f29aa7f
SHA1

1eaccdb65ed49177469afc229d0d02c25b3ae017
SHA256

713adce6490ccc67a5dcb86804abb73751755eb4124371631118423c841ae175
SHA512

defa80685cd82c484bd623dc3650fb45dddd72ebe8aec6de70ca488b5af7d40d7e4721e5a0b09408dd135db13ccd6fe0f9e30493586eba0f7d6511744282fac9
SSDEEP

6144:e2MZZlsT+jJCJ+pzcl0Ya5IdVowijuPeP1Ax3w6Qr:VMZZlsT0J68U6IdSxjOwmi6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e2a78df6def32e017060a77a1f29aa7f_JaffaCakes118

Files

e2a78df6def32e017060a77a1f29aa7f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

34b40c09bf82d94a90f8086d1c56ce60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

WriteFile
ReadFile
AddAtomA
WinExec
GetVersionExW
MoveFileW
GetDriveTypeW
GlobalReAlloc
SetLastError
GetModuleHandleA
GlobalSize
GlobalFree
SetFileAttributesW
FindNextFileW
IsDBCSLeadByteEx
lstrlenW
SetFilePointer
DeleteFileW
GetProcAddress
GetFileTime
GetVersion
EnumResourceNamesW
FindFirstFileW
CloseHandle
UnlockFile
GetCurrentDirectoryW
CheckNameLegalDOS8Dot3W
SetFileTime
LockFile
LoadLibraryW
SearchPathW
GetVolumeInformationW
GetFileAttributesW
GetModuleFileNameW
GetFileSize
FindClose
IsDBCSLeadByte
OutputDebugStringA
GlobalUnlock
GetModuleHandleW
GetSystemDefaultLCID
GlobalAlloc
GetACP
GetLastError

Sections

.text
Size: 146KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ