Static task
static1
Behavioral task
behavioral1
Sample: JaffaCakes118_6b114e983562a572b9c5cf5d1e8faaaa.exe
Resource: win7-20240903-en
General
Target: JaffaCakes118_6b114e983562a572b9c5cf5d1e8faaaa
Size: 177KB
MD5: 6b114e983562a572b9c5cf5d1e8faaaa
SHA1: f9544355eb30380263902b13c16bc4f2fb8d1302
SHA256: 8f21d1e948b0b999cc58706dfb5ceb8553ae0368737eecf96d5bc38565bb1bc5
SHA512: 2fef35dfdf91d54ffa7eb921ab875dfa1b0a044d77967cc780dcef9d18ec4ed09d5a2f4fd143ea0d6ad223355027b2326c73d7f1d7b86ed2ed49eb5a8a665e36
SSDEEP: 3072:7J2sg/xi84Z9rVpXWFZk5aDsmWOZHL2CagC1PDxgjjNWLKSDhDjtGsw:7I/74Z9RpXWFu5wnZNIPtgjjNW2SDRG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_6b114e983562a572b9c5cf5d1e8faaaa
Files
JaffaCakes118_6b114e983562a572b9c5cf5d1e8faaaa.exe windows:4 windows x86 arch:x86
de9dffbfcb903706b28536f4e67335a9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
OleSave
CoCreateInstance
StringFromGUID2
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
newdev
UpdateDriverForPlugAndPlayDevicesW
gdi32
GetTextMetricsA
GetTextExtentPointA
DeleteObject
GetDeviceCaps
SelectObject
CreateFontIndirectA
kernel32
LeaveCriticalSection
GetCPInfoExW
LocalFree
DeleteCriticalSection
LCMapStringA
GetLastError
GetSystemInfo
LocalAlloc
EnumResourceTypesA
GetModuleHandleA
EnterCriticalSection
GetLogicalDriveStringsA
LoadLibraryA
GetProcAddress
InitializeCriticalSection
SetStdHandle
LCMapStringW
GetStringTypeA
Sections
.text Size: 106KB - Virtual size: 106KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 1020B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 256KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ