f85854009ae52dadfdebca2e555edc8a_JaffaCakes118 | Triage

Sharing

General

Target

f85854009ae52dadfdebca2e555edc8a_JaffaCakes118
Size

277KB
MD5

f85854009ae52dadfdebca2e555edc8a
SHA1

b3ca74fea3211d9851dcaf1fc698eda83219b8d3
SHA256

d69530b5325383b6fa9f7ac75779f6593c51ce7842f44608311a44ec6e780f13
SHA512

6351abe4cb40c1ed2cf07a1b78e383cc906972a12405335a9974c2e2e832e3be0a64137e86c5b094494b068398875299ca070006ab6cace2c41215a57fef1c0f
SSDEEP

6144:KuYkhTOTnIlu3Y+2cg4OJp937l5JOjdz+Y7Epg:OiTde2cSFXJOB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f85854009ae52dadfdebca2e555edc8a_JaffaCakes118

Files

f85854009ae52dadfdebca2e555edc8a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1f826cc2872f2b9859cc24cadf0eac5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Parent
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

user32

EnumChildWindows
CreateWindowExW
GetDlgItem
SendMessageA
IsWindow
DestroyWindow
GetWindowThreadProcessId

kernel32

GetOEMCP
AddAtomA
GetStartupInfoA
GetEnvironmentStringsW
UnhandledExceptionFilter
GetEnvironmentStrings
FreeEnvironmentStringsA
EnumResourceLanguagesW
GetPrivateProfileStructA
GetCPInfo
WriteFile
FreeEnvironmentStringsW
SetUnhandledExceptionFilter

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

shell32

SHGetFolderPathW

newdev

UpdateDriverForPlugAndPlayDevicesW

iphlpapi

GetIpAddrTable

Sections

.text
Size: 136KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ