f616f34916905ddb0d216ac94c56c849_JaffaCakes118 | Triage

Sharing

General

Target

f616f34916905ddb0d216ac94c56c849_JaffaCakes118
Size

806KB
MD5

f616f34916905ddb0d216ac94c56c849
SHA1

e70ea4b2b6e7881cc866869c1f7b2df6a3a6ad66
SHA256

031079e9681691c95a8e7d82b88a40905cb55b8f113ff4fad56c377ecc9ec26e
SHA512

9d0719fa49efcb4538105cdd530b9691775ce79b53cf972178ce76d7857cde480fd64f395d6b04688e326e4229d25c681751b2defe30b8fd090d3f2ff1bddc5a
SSDEEP

24576:FC/QczKKM89o82Evpy8Hq9Mequw8JXsgspk3u:4Qcz7MWo82ibO7qsXsLG3u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f616f34916905ddb0d216ac94c56c849_JaffaCakes118

Files

f616f34916905ddb0d216ac94c56c849_JaffaCakes118
.exe windows:4 windows x86 arch:x86

90e38bcd14641d6b748252ae7cedfaf9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindVolumeClose
ResetEvent
LocalSize
GetExitCodeProcess
VirtualAlloc
InterlockedExchange
GetMailslotInfo
FreeConsole
lstrlenA
LocalFree
WriteFile
ReleaseMutex
CreateThread
GetEnvironmentVariableA
GetDriveTypeW
GlobalFree
GetPrivateProfileIntW
GetModuleHandleW
GetACP
CloseHandle

user32

GetSysColor
GetSysColor
GetKeyboardType
GetClassInfoA
CallWindowProcW
DrawStateW
DispatchMessageA
SetFocus
CreateWindowExA
IsMenu
EndDialog
GetCursorInfo
GetClientRect

dsprop

ReportError
CheckADsError
CheckADsError
CheckADsError
CheckADsError

hdwwiz.cpl

InstallNewDevice

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 797KB - Virtual size: 796KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ