JaffaCakes118_abad1d179916bad69094217be2010b58 | Triage

Sharing

General

Target

JaffaCakes118_abad1d179916bad69094217be2010b58
Size

272KB
MD5

abad1d179916bad69094217be2010b58
SHA1

2aa7e41a008ea652384a7bd7d9cf3767c14302c4
SHA256

1ff6c315a7135fcc10a22121552f1f089ba84ce8bac2e5423de66552fa6edeea
SHA512

7f8b18d21f9acc8ae59684fe03b39b14966a0aad2ea85b89202e16640492c03f180eb3f1d8671e624b5eb227b6d8c27e21f7b8a5798b39f2ab6f084760110bfb
SSDEEP

6144:qketg7C9wDUh0HbHlYvKC55cMngWc7QzNivNBLvmm4mXgUzcAHou:qc26DU6DlYSC55bngONsfnfztHp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_abad1d179916bad69094217be2010b58

Files

JaffaCakes118_abad1d179916bad69094217be2010b58
.exe windows:4 windows x86 arch:x86

7d8edf8afc3b1a721da9728ea7a09442

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
MultiByteToWideChar
DeleteCriticalSection
GetAtomNameA
LoadResource
GetModuleHandleW
FindClose
LockResource
GetModuleFileNameW
Sleep
GetPrivateProfileIntW
MulDiv
EnumResourceTypesW
FindFirstFileW
FreeLibrary
GetVersionExW
GetProcAddress
GetPrivateProfileStringW
LoadLibraryA
GetSystemDirectoryW
LoadLibraryW
lstrlenW
WritePrivateProfileStringW
GlobalSize
GetTickCount
InitializeCriticalSection
GetLocaleInfoW

newdev

UpdateDriverForPlugAndPlayDevicesW

oleacc

LresultFromObject
CreateStdAccessibleObject
CreateStdAccessibleProxyW

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ