fffc82a85caa842b7b50f47010f6ae17_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fffc82a85caa842b7b50f47010f6ae17_JaffaCakes118
Size

169KB
MD5

fffc82a85caa842b7b50f47010f6ae17
SHA1

1870241e4367f36429eb1960fa39d66666e2b913
SHA256

7a30da22ca4a9d9df3a508064eb6f414604fdcb2ec2ca6aa5427c99910cd2fb8
SHA512

a987c744b6c507ed5a676aa6c53277c0010a39feaf562c3beb9c5d7884a170d14ec5c32f0b3fc483e9386d34c30ad0df7722af076d47692bc508d6a412f995a1
SSDEEP

3072:nV2WW/0DtEotelSlHg2M/LdTPQRhcAEnqQ3maStkDV8umPGdtI:YhxielS4LdIW5ZmPkDV8umPGdt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fffc82a85caa842b7b50f47010f6ae17_JaffaCakes118

Files

fffc82a85caa842b7b50f47010f6ae17_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4bb3090344f717025fcabd82c35276ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetFileSize
ReadFile
GetModuleHandleA
SetLastError
GetFileTime
GetVersion
AddAtomA
LoadLibraryW
GlobalSize
OutputDebugStringA
LockFile
FindNextFileW
UnlockFile
SearchPathW
WinExec
GetModuleHandleW
GlobalAlloc
GlobalFree
GlobalReAlloc
EnumResourceNamesW
SetFilePointer
GetProcAddress
GetVolumeInformationW
GetACP
IsDBCSLeadByteEx
GetSystemDefaultLCID
MoveFileW
CheckNameLegalDOS8Dot3W
CloseHandle
IsDBCSLeadByte
WriteFile
SetFileAttributesW
GetVersionExW
GetCurrentDirectoryW
GlobalUnlock
SetFileTime
GetDriveTypeW
FindFirstFileW
GetFileAttributesW
lstrlenW
DeleteFileW
FindClose
GetLastError

setupapi

CM_Get_Child
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 89KB - Virtual size: 485KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ