JaffaCakes118_c878f9f5c4d9aabcc23a6fecdfeb7f96 | Triage

Sharing

General

Target

JaffaCakes118_c878f9f5c4d9aabcc23a6fecdfeb7f96
Size

277KB
MD5

c878f9f5c4d9aabcc23a6fecdfeb7f96
SHA1

9cba966476ae33c8788ef0f2a4c68469bc373a71
SHA256

12070fa62f91c097f04a3c402e2aca42bae13147832c143e2c2855714cdb40b8
SHA512

bb3b7af4b03cc370f7c71b418478b5247a7bf2571bddf78857b705a24f3b531ae61522033e404cadc2d163c334e22074f14ab529a6f8fe5746d25a6d08cb7a60
SSDEEP

6144:IM6cB26HaIhMB4H1uhUTnu0XUzD8bdlRCTC99vdr04:/HaNuH1uKUD83+gdA4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_c878f9f5c4d9aabcc23a6fecdfeb7f96

Files

JaffaCakes118_c878f9f5c4d9aabcc23a6fecdfeb7f96
.exe windows:4 windows x86 arch:x86

eb6243dea7e972188e0dc85a0b73b575

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

user32

GetDlgItem
EnumChildWindows
IsWindow
DestroyWindow
CreateWindowExW
SendMessageA
GetWindowThreadProcessId

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

setupapi

CM_Get_Parent
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

AddAtomA
GetCPInfo
GetEnvironmentStringsW
GetStartupInfoA
GetOEMCP
UnhandledExceptionFilter
FreeEnvironmentStringsA
EnumResourceLanguagesA
GetStringTypeExW
GetEnvironmentStrings
WriteFile
FreeEnvironmentStringsW
SetUnhandledExceptionFilter

shell32

SHGetFolderPathW

iphlpapi

GetIpAddrTable

Sections

.text
Size: 136KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ