JaffaCakes118_3c5e6b8c4a5475493f413a38195605d0 | Triage

Sharing

General

Target

JaffaCakes118_3c5e6b8c4a5475493f413a38195605d0
Size

183KB
MD5

3c5e6b8c4a5475493f413a38195605d0
SHA1

cc04807c74e12f9851bdaddbe0042f8f7e789a2d
SHA256

107611f23a6364bdd7907954eaa67976adf854619801964629e9b8fd8cb4b7f6
SHA512

06f861305217ae5402eaede9da85a8e627e48e9b46b8f28ebbdbc53460a617812184fd4317c0045271bb76847ec84bd7769f2e4343ef70f2394d4d25eac1146b
SSDEEP

3072:wFldeCh7i/0ZXZkedhBIq8ahT1lQjG63PPjZMDmxRJ63Mk:wE+7i8ZXZkwaqbh1lcl3O6xT9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_3c5e6b8c4a5475493f413a38195605d0

Files

JaffaCakes118_3c5e6b8c4a5475493f413a38195605d0
.exe windows:4 windows x86 arch:x86

6687323c0b95b5417ba51e63af10f190

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
GetAtomNameA
GetSystemTime
GetTickCount
HeapFree
WriteFile
GetSystemInfo
SetFilePointer
GetCurrentProcessId
ResetEvent
GetTempPathA
Sleep
EnumResourceTypesW
OpenEventA
HeapAlloc
SystemTimeToTzSpecificLocalTime
CompareFileTime
SetEvent
GetCurrentProcess
LoadLibraryA
CreateThread
GetSystemDirectoryW
VirtualFree
SystemTimeToFileTime
GetProcAddress
GetEnvironmentVariableA
CreatePipe

oleacc

LresultFromObject
CreateStdAccessibleObject
CreateStdAccessibleProxyW

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ