fd6616eec5f16933c2b92ed4ae036899_JaffaCakes118 | Triage

Sharing

General

Target

fd6616eec5f16933c2b92ed4ae036899_JaffaCakes118
Size

193KB
MD5

fd6616eec5f16933c2b92ed4ae036899
SHA1

1eae59e6b79223185fd6f52f275cb441bf80b2e4
SHA256

6021bb39b25acd97b7a0e3547321cf458ed73df0bf8d15e21504567a1063a73c
SHA512

7eb4d37aea8930a345ed1810dbb5f62eb0a9e62efe82cbfcad16373e066d4cb121f2e6c306eaefa159abf8a7d69b3bf7bf3e263bc03fae8258764337e1ed24e8
SSDEEP

6144:Hfsj7z1nV5RUzWyRrC1BXVjsOu09Nn12A:HWncamoHsOu09Nn1X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd6616eec5f16933c2b92ed4ae036899_JaffaCakes118

Files

fd6616eec5f16933c2b92ed4ae036899_JaffaCakes118
.exe windows:4 windows x86 arch:x86

963cccdc76b7c378733f0526585e536a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

InstallCatalog
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

shlwapi

PathAddBackslashA

kernel32

GetAtomNameW
GetFileTime
IsDBCSLeadByte
UnlockFile
SearchPathA
GetUserDefaultLangID
FindResourceExW
GetProfileStringA
EnumResourceNamesA
GetFileType
GetVersionExA
LockFile
CompareStringA
FileTimeToSystemTime
FlushFileBuffers
SetEndOfFile
GetFileAttributesW
TzSpecificLocalTimeToSystemTime
GetVolumeInformationA
FileTimeToLocalFileTime
GetSystemDirectoryA

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ