JaffaCakes118_b79a6197f84d06dd3dc3a9fc3e1e2cf9 | Triage

Sharing

General

Target

JaffaCakes118_b79a6197f84d06dd3dc3a9fc3e1e2cf9
Size

179KB
MD5

b79a6197f84d06dd3dc3a9fc3e1e2cf9
SHA1

f5d245cc75ebd5e517690016be0a5d6b65850df9
SHA256

205d48d3c45a5d7ea5a0a4e475cdc0e2fe02717ce25bf5554367998425298fae
SHA512

b7294e69402d63a0587f0e5c35a0eb89e93d20af915eb8ce8389d65ee236f6c5e652a65ba5c7e58a774d844c3a1ceaead37e2a310b6623fb2207dff70c7ced3b
SSDEEP

3072:G91jjjxUZ0m4uI814ZeNyghmD0Tf+NZw6Oh655cd9eO0e68ZaOpBwcSzvZdcXflN:G4J4uIu4Zebm4TG2h65a95lqcSNdB1Sd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_b79a6197f84d06dd3dc3a9fc3e1e2cf9

Files

JaffaCakes118_b79a6197f84d06dd3dc3a9fc3e1e2cf9
.exe windows:4 windows x86 arch:x86

f4fbfc79d7aa24895896e9247b3d4170

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddLocalAlternateComputerNameA
FindFirstFileA
GlobalHandle
GetCurrentProcessId
EnumResourceLanguagesW
IsDBCSLeadByte
lstrlenA
WideCharToMultiByte
GetCurrentThreadId
EnumResourceTypesW
ReadFile
FindNextFileA
CreateMailslotA
QueryPerformanceCounter
WriteFile
GetModuleHandleA
SetFilePointer
FindClose

oleacc

AccessibleChildren
CreateStdAccessibleProxyW

newdev

UpdateDriverForPlugAndPlayDevicesA

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ