f34491222916f4387d8e7688a131e52a_JaffaCakes118 | Triage

Sharing

General

Target

f34491222916f4387d8e7688a131e52a_JaffaCakes118
Size

273KB
MD5

f34491222916f4387d8e7688a131e52a
SHA1

8df76269186bcbf5bdd67b96db532ee298783405
SHA256

858497e928063df355f082d264fbadad786125864acfc0c29be147fde20cc692
SHA512

63779c69c5c1c9e9971c2cbd07189ebed15fa6fdb3cb7c47ec96f04b46525db607832a7525a855041efdbca15d7be6b73a3be2a1c5d762238fbe707786306eee
SSDEEP

6144:UFfVjKYosv7Sv8wr+/99PqNH4t8Y0mBYwgRYzjK/AvOeE60X:Qesv79akPPQH4eTmB/uE41

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f34491222916f4387d8e7688a131e52a_JaffaCakes118

Files

f34491222916f4387d8e7688a131e52a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c7eed5662a9fe21e2b0ac243348a93f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
UnhandledExceptionFilter
WriteFile
FreeEnvironmentStringsW
EnumResourceLanguagesA
GetOEMCP
GetStringTypeExW
GetEnvironmentStrings
GetCPInfo
SetUnhandledExceptionFilter

iphlpapi

GetIpAddrTable

user32

CreateWindowExW
DestroyWindow
SendMessageA
EnumChildWindows
GetDlgItem
IsWindow
GetWindowThreadProcessId

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

newdev

UpdateDriverForPlugAndPlayDevicesW

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

shell32

SHGetFolderPathW

Sections

.text
Size: 136KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ