Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_0e58ce1d221a0f423af5114b09a300d5.exe
Resource
win7-20240903-en
General
Target: JaffaCakes118_0e58ce1d221a0f423af5114b09a300d5
Size: 164KB
MD5: 0e58ce1d221a0f423af5114b09a300d5
SHA1: 8197a8b7c5961b8d6f26f2c479bc5970c82c68cb
SHA256: 193ea655b405753b7a19c04ef005a0fc2d17bc8174a3db3b98f7a0e51a2f16f7
SHA512: 72aff7c45f18da2222a5db9492f3e76f53128f26e8cd5ec5a5e319afad80c0fdf98b709e33fdc1d1b899bd37a774e10248bc3237deece8802639c9f4f339bea1
SSDEEP: 3072:2X3PwYo138ADe8c+XpUYqwSH4wbfefjAjUHBjYo3ba1E0+nqT:2wTSoenwQ9gBco3ba1P+n
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_0e58ce1d221a0f423af5114b09a300d5
Files
JaffaCakes118_0e58ce1d221a0f423af5114b09a300d5.exe windows:4 windows x86 arch:x86
275a1f6d0376721799522fc025403bad
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetAtomNameA
Sleep
GetPrivateProfileStringW
InitializeCriticalSection
DeleteCriticalSection
MulDiv
GetTickCount
GetModuleHandleW
GlobalSize
GetPrivateProfileIntW
FindClose
FindFirstFileW
LoadLibraryA
LockResource
EnumResourceTypesW
MultiByteToWideChar
GetProcAddress
GetSystemDirectoryW
LoadLibraryW
LoadResource
GetVersionExW
lstrlenW
WritePrivateProfileStringW
GetModuleFileNameW
FreeLibrary
GetVersionExA
GetLocaleInfoW
newdev
UpdateDriverForPlugAndPlayDevicesW
oleacc
LresultFromObject
CreateStdAccessibleObject
CreateStdAccessibleProxyW
Sections
.text Size: 77KB - Virtual size: 77KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 400KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ