18544adba46d8afa33460554a71de6de_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18544adba46d8afa33460554a71de6de_JaffaCakes118
Size

185KB
MD5

18544adba46d8afa33460554a71de6de
SHA1

48cb21605b64368121b578eaf1bea531c00c89d3
SHA256

57dfb53f198e4e6980f445541431baf05a213ebcafaabb46ebbef187780e357e
SHA512

bbede18b3690b532387242decb4380b2da36206132ff4b268ba03560d77fc5ddca248b3695240076f1d3d728c83e789f7732cc2f01551d88c204fb35ad5b6e47
SSDEEP

3072:EATqWCX5OXowfzaJemxm2oXPexWLo7xw87sXAICyEVHd+u8htw:jTzCX5OXoOzaMmwtexWEW8ByWRn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18544adba46d8afa33460554a71de6de_JaffaCakes118

Files

18544adba46d8afa33460554a71de6de_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e66b3cf77f3c543cdd0a8ac5e83d0241

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

iphlpapi

GetIpAddrTable

kernel32

FreeEnvironmentStringsW
AddAtomA
WriteFile
GetOEMCP
UnhandledExceptionFilter
GetEnvironmentStringsW
EnumResourceLanguagesA
GetEnvironmentStrings
GetNumberFormatW
GetStartupInfoA
FreeEnvironmentStringsA
GetCPInfo
SetUnhandledExceptionFilter

newdev

UpdateDriverForPlugAndPlayDevicesW

shell32

SHGetFolderPathW

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

user32

CreateWindowExW
IsWindow
SendMessageA
EnumChildWindows
DestroyWindow
GetDlgItem
GetWindowThreadProcessId

Sections

.text
Size: 97KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ