Static task: static1
Behavioral task: behavioral1
Sample: ea3b9249a3ba39f80ce970035fd29b6e_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: ea3b9249a3ba39f80ce970035fd29b6e_JaffaCakes118
Size: 175KB
MD5: ea3b9249a3ba39f80ce970035fd29b6e
SHA1: ce74a66ddbb12215633684c89b8f8953b162d6fe
SHA256: 2c5ce95aeacb3e801b028f20d29e38cc37f743e9510277c96a7a9bd59e6e1135
SHA512: b8a3340e24eb7a686e510d9cb5734e86a4b11e27892bef1f5cd9c9db6dd75ef06fe5fcd360a8c5aac71762f5c32e83ebfda964acf48bba8c4af9bc534d08b558
SSDEEP: 3072:08pm73ZaCPVzYDHn6eXy5n0GrY7ANMFfNnRgs/M4/m+iNVvzxmJrY+zuHbKJlUtV:V0ZeHS50GqfpRRU9+A6IK8t6Vb
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ea3b9249a3ba39f80ce970035fd29b6e_JaffaCakes118
Files
ea3b9249a3ba39f80ce970035fd29b6e_JaffaCakes118.exe windows:4 windows x86 arch:x86
22d162e8130f410aec46febf0cdac588
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
newdev
UpdateDriverForPlugAndPlayDevicesW
kernel32
GetCPInfo
DeleteCriticalSection
GetModuleHandleA
LCMapStringW
LoadLibraryA
GetSystemInfo
LocalFree
EnterCriticalSection
EnumResourceTypesA
LCMapStringA
SetStdHandle
GetLastError
GetProcAddress
GetLongPathNameA
InitializeCriticalSection
LocalAlloc
LeaveCriticalSection
GetStringTypeA
wininet
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle
winmm
timeGetTime
timeSetEvent
ole32
OleSave
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoW
VerQueryValueA
Sections
.text Size: 107KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ