Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_33113fea902553e5867b933e4876a93c.exe
Resource: win7-20240903-en
General
Target: JaffaCakes118_33113fea902553e5867b933e4876a93c
Size: 165KB
MD5: 33113fea902553e5867b933e4876a93c
SHA1: 94d85e74a821cf6403ae99db51cffb761b973a84
SHA256: 19f2389fdb85aed301d76f4a096931e02f05ce40cea7baad98d8b19a92240799
SHA512: 58a0b9a059b49bf49726c0534680160bc57a81b4faa886b8d0b303eb97422ccecde83f5d8ca2feea1affdd93a92b734cd8f0ce54f7303d23bf0c8c897cf927bd
SSDEEP: 3072:KeyENP7FGU0uOU6RBUM9d77HbvstVKNvgl15B3CedTUid94fUG:dNQPuOzH9J7mVKNIdCsN
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_33113fea902553e5867b933e4876a93c
Files
JaffaCakes118_33113fea902553e5867b933e4876a93c.exe windows:4 windows x86 arch:x86
0eebcb67fc1ae46d3ba278275f53a2c6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetAtomNameA
GetPrivateProfileStringW
DeleteCriticalSection
InitializeCriticalSection
LockResource
lstrlenW
GetVersionExA
FindClose
GetProcAddress
FindFirstFileW
MulDiv
MultiByteToWideChar
GetModuleFileNameW
EnumResourceTypesW
LoadResource
GetTickCount
LoadLibraryA
WritePrivateProfileStringW
GetSystemDirectoryW
FreeLibrary
LoadLibraryW
GetModuleHandleW
GetPrivateProfileIntW
GetVersionExW
GlobalSize
Sleep
GetLocaleInfoW
newdev
UpdateDriverForPlugAndPlayDevicesW
oleacc
LresultFromObject
CreateStdAccessibleObject
CreateStdAccessibleProxyW
Sections
.text Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 400KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 78KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ