Static task
static1
Behavioral task
behavioral1
Sample
305ccccd98eedcc27fbf64a684b0fd2b_JaffaCakes118.exe
Resource
win7-20241010-en
General
Target
305ccccd98eedcc27fbf64a684b0fd2b_JaffaCakes118
Size
2.6MB
MD5
305ccccd98eedcc27fbf64a684b0fd2b
SHA1
2a60666a3a754e03ad14a7103fc281d9a508c404
SHA256
9c3cd2dd6cc88a46339b7d4af660c160d70d34a8bae7cc8dada10b849d25a598
SHA512
23a0dace60a5f9817dd7976d3c18293d374f59fec00cc0c6440fd6cfc91997350aa24f53e07e80280f90e8d31b9bfc238ea26f54197ace3ea8bf5a79b7d6d403
SSDEEP
49152:+PMAVHW4VBW8PH9DstgTqWJGOE+hBGvKE1Mho6rQQFN/8TtY4YNRem2Ou8wHnYIl:+W4rdAeTFJy+3OCvN8+4YN9Y3M6n
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 305ccccd98eedcc27fbf64a684b0fd2b_JaffaCakes118
Files
305ccccd98eedcc27fbf64a684b0fd2b_JaffaCakes118.exe windows:4 windows x86 arch:x86
f9ef00b5cbd8788b5abbb16388cf28a0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
OleSave
CoCreateInstance
CoTaskMemAlloc
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
newdev
UpdateDriverForPlugAndPlayDevicesW
kernel32
GetCPInfoExW
DeleteCriticalSection
LCMapStringA
LocalFree
GetLastError
InitializeCriticalSection
GetSystemInfo
LocalAlloc
EnumResourceTypesA
GetModuleHandleA
EnterCriticalSection
LCMapStringW
GetProcAddress
GetLogicalDriveStringsW
LeaveCriticalSection
SetStdHandle
LoadLibraryA
GetStringTypeA
gdi32
SelectObject
DeleteObject
GetDeviceCaps
GetTextExtentPointA
GetTextMetricsA
CreateFontIndirectA
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 1020B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 6.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ