Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_afc4d116a8db0d69b6aabd2f3b443002.exe
Resource
win7-20240903-en
General
Target: JaffaCakes118_afc4d116a8db0d69b6aabd2f3b443002
Size: 179KB
MD5: afc4d116a8db0d69b6aabd2f3b443002
SHA1: 2a410a8263f3d21d825d51790d578fa1ae79a469
SHA256: 1e82c103c4ac3794d519a480508084f4ccce6f5dceb60626bc18ade4e394b86d
SHA512: ce33ddcdaa035811c6c4b0d1b3e05df0cbbc72ed2e2b470ed289b85ec28acf192182e862aef40687b2a3b5fa7db1e700adf43df1b4ff60f625ba7c5e4cda8e08
SSDEEP: 3072:PWiBsGzqRlIVQGdCRC1L2BIhxBq1cNkOvQnyUs9gZ41I9Kv2uxCrC2JUk3:+iBRzqvIvdUqLXhq1I7QiGjK5YJP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_afc4d116a8db0d69b6aabd2f3b443002
Files
JaffaCakes118_afc4d116a8db0d69b6aabd2f3b443002.exe windows:4 windows x86 arch:x86
4d6ba32b98813dcff2a235d0abab346d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentThreadId
AddLocalAlternateComputerNameA
GlobalHandle
lstrlenA
SetFilePointer
FindFirstFileA
ReadFile
FindNextFileA
QueryPerformanceCounter
EnumResourceTypesW
IsDBCSLeadByte
CreateMailslotA
GetModuleHandleA
WideCharToMultiByte
EnumResourceLanguagesW
WriteFile
GetCurrentProcessId
FindClose
newdev
UpdateDriverForPlugAndPlayDevicesA
oleacc
AccessibleChildren
CreateStdAccessibleProxyW
Sections
.text Size: 85KB - Virtual size: 85KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 148KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 91KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ