Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_5117fbcd0183e295cabb023a91d042f9.exe
Resource
win7-20240729-en
General
Target
JaffaCakes118_5117fbcd0183e295cabb023a91d042f9
Size
165KB
MD5
5117fbcd0183e295cabb023a91d042f9
SHA1
058e6e685816ebe67e75e46e6417dc74dc3516d4
SHA256
4d841be30baeac58cce53882da63938c22cb125413cb9f33c90c3082b275b617
SHA512
c6990713179133d433a7ed33a8c5eee57954a31875bd32054630fd68e39b67db447fe88c04d5b5eb242bcee6c6c60c925331492ed4e8c3ac5402c62782e264ad
SSDEEP
3072:ftec/ahkaBnTFaByG6OLeYAVOIiyzy7qTvGmZkiYi/HlGm046yBP:Ac/aCUnMYGNCdOIiyzyGQ+x
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_5117fbcd0183e295cabb023a91d042f9
Files
JaffaCakes118_5117fbcd0183e295cabb023a91d042f9.exe windows:4 windows x86 arch:x86
285422a35e5cbbbfd34452f64eadac7a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
OleSave
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc
kernel32
GetCPInfoExW
LocalAlloc
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
DeleteCriticalSection
GetSystemInfo
GetProcAddress
EnumResourceTypesA
GetLastError
GetLogicalDriveStringsA
GetModuleHandleA
InitializeCriticalSection
LCMapStringA
LocalFree
LCMapStringW
GetStringTypeA
gdi32
GetTextMetricsA
SelectObject
DeleteObject
GetDeviceCaps
GetTextExtentPointA
CreateFontIndirectA
newdev
UpdateDriverForPlugAndPlayDevicesW
Sections
.text Size: 100KB - Virtual size: 100KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.tls Size: 1024B - Virtual size: 1020B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 61KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ