3c18255a7fdb87196c18f7b5388ef497_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c18255a7fdb87196c18f7b5388ef497_JaffaCakes118
Size

179KB
MD5

3c18255a7fdb87196c18f7b5388ef497
SHA1

0fce0f5106efe46e2c8c1053aa9e0d7ca06b4e34
SHA256

df6f168f68a0ae09075e57008b425a36ea6e76e3a3c472997fe412a08ec8d5fd
SHA512

1ec82ea341491eb6442f473ea5f7f2e36c8cb9fac5fdc8b8eb87b915328a309dfe4825919032362befb7f7ac879f389431b01b855a56c28c29b988b283d74865
SSDEEP

3072:egxrUuYJx0l5i6ZrgjUFIyn88TBm7YZDzf6A3FvoYng7I4QsTt:dxQuwGni6yjUFPTs7YNzf6A3pY7I4Q0t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c18255a7fdb87196c18f7b5388ef497_JaffaCakes118

Files

3c18255a7fdb87196c18f7b5388ef497_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5c4cbeaf15d6587e360c0e129934d324

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
BaseFlushAppcompatCache
VirtualQuery
GetACP
SetLastError
TlsFree
IsBadWritePtr
TlsAlloc
EnumResourceTypesA
GetSystemInfo
VirtualFree
SetEndOfFile
CreateMailslotW
HeapDestroy
InterlockedExchange
VirtualAlloc
HeapCreate
GetLocaleInfoA

newdev

UpdateDriverForPlugAndPlayDevicesA

oleacc

AccessibleChildren
CreateStdAccessibleProxyA

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ