f53d28a008347239dc97159feb601c77_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f53d28a008347239dc97159feb601c77_JaffaCakes118
Size

177KB
MD5

f53d28a008347239dc97159feb601c77
SHA1

c59575cfd59c0f0c3ee79cf109bcce21168dfa9a
SHA256

8018a10a2f2532a29c407269fb125a9f976daa8dfa33c71841cc751ac5bff230
SHA512

afc4a1e1ad045bd531108df6b9ccdea0f476e20950021586063f5e2d6969db3415c20cdc8746468cffd58d5a48d10de34fb6de83526a35b5265b5aa0a31603d7
SSDEEP

3072:bFU9S3aEsN33JJRn4j0sDwgxDP2iPepDz5NAY6E+X6J92C3JN:bk3d3J77sD5PPWpB8X6J9d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f53d28a008347239dc97159feb601c77_JaffaCakes118

Files

f53d28a008347239dc97159feb601c77_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d402bebc7e54fec3f52a20d4f262dfa8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

LoadLibraryA
LocalFree
GetCPInfoExW
LeaveCriticalSection
SetStdHandle
GetProcAddress
LCMapStringA
LCMapStringW
InitializeCriticalSection
EnumResourceTypesA
GetModuleHandleA
GetSystemInfo
GetLogicalDriveStringsA
LocalAlloc
EnterCriticalSection
GetLastError
DeleteCriticalSection
GetStringTypeA

gdi32

SelectObject
DeleteObject
GetTextMetricsA
GetTextExtentPointA
GetDeviceCaps
CreateFontIndirectA

ole32

OleSave
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoTaskMemRealloc

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ