JaffaCakes118_2212e1e483f4db62f625f8abfeb4c942 | Triage

Sharing

General

Target

JaffaCakes118_2212e1e483f4db62f625f8abfeb4c942
Size

165KB
MD5

2212e1e483f4db62f625f8abfeb4c942
SHA1

c4671dcdf9e7a1348f9504fb6bf6a13f099734f7
SHA256

273e6e9469748b89fdcf45d11d95ccaa31775c639b6ced54cd0756e382480018
SHA512

818e1687a498f833b7fd29a73e4e212eeb989fc1b76bb82e2d92259414635000f4e264e7792b1498b1adba5b79d26d2c5e61a811a9517742291c044393bfd525
SSDEEP

3072:6o53+GnxSJhBpQ11hWn7qnS6VtaC6zS59RKQLlTPub8SdXkeK/GnzonfIf:UGUlWon7qSgNRVFuMnfIf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_2212e1e483f4db62f625f8abfeb4c942

Files

JaffaCakes118_2212e1e483f4db62f625f8abfeb4c942
.exe windows:4 windows x86 arch:x86

3bc10fd3ad9c2316a21da21e3c92294b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameW
GlobalHandle
GetCurrentProcessId
EnumResourceLanguagesW
FindFirstFileA
WideCharToMultiByte
ReadFile
GetCurrentThreadId
WriteFile
FindNextFileA
EnumResourceTypesA
IsDBCSLeadByte
QueryPerformanceCounter
GetSystemDirectoryW
GetModuleHandleA
SetFilePointer
lstrlenA
FindClose

oleacc

LresultFromObject
CreateStdAccessibleProxyW

newdev

UpdateDriverForPlugAndPlayDevicesA

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ