JaffaCakes118_69783f704e9622634593d87025682fb1 | Triage

Sharing

General

Target

JaffaCakes118_69783f704e9622634593d87025682fb1
Size

165KB
MD5

69783f704e9622634593d87025682fb1
SHA1

051414fc0cd4e6ecd775d4181826f61025ac2e8d
SHA256

16a5958a11e87444be3d404523ba3ff7e1b9ab53711afe784bc171fa557a02f6
SHA512

2e20ac05ac508446df613bc89b452ce054400dce2503d8aa96aba567798462168726709b1d2f94b08ee007095b534f7d97deed4710ea751885f06d0122daca3d
SSDEEP

3072:+zyAKCVCN/u9TMoINGs8YqJzO7lXf5XtsCyy6QAV2/it+AriuF:+B/CNuTMDX9kuf5ryQa2/i1iu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_69783f704e9622634593d87025682fb1

Files

JaffaCakes118_69783f704e9622634593d87025682fb1
.exe windows:4 windows x86 arch:x86

0523f671210031448120064b05e7452d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
FindFirstFileW
GetAtomNameA
GetModuleFileNameW
GetTickCount
GetVersionExA
LoadResource
GetModuleHandleW
WritePrivateProfileStringW
GetVersionExW
GetProcAddress
GetPrivateProfileStringW
MultiByteToWideChar
EnumResourceTypesW
GetPrivateProfileIntW
DeleteCriticalSection
lstrlenW
FindClose
GlobalSize
GetSystemDirectoryW
MulDiv
LockResource
InitializeCriticalSection
Sleep
FreeLibrary
LoadLibraryA
GetLocaleInfoW

newdev

UpdateDriverForPlugAndPlayDevicesW

oleacc

LresultFromObject
CreateStdAccessibleObject
CreateStdAccessibleProxyW

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ