Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_df1eb987830bda517469d30806e774ad.exe
Resource: win7-20240903-en
General
Target: JaffaCakes118_df1eb987830bda517469d30806e774ad
Size: 164KB
MD5: df1eb987830bda517469d30806e774ad
SHA1: 284bbec0b74f3916f52bbc89ddc51cdd8e4b634a
SHA256: 256b509ebe52bad08fe0226c48afb011b58225a32a155e787ad0d4e94c2386e4
SHA512: 9e76ea50df57fb74377dc529d52cef739a7af58fd8e067e515f10da65313ed5c94a87385eb8a42a848229b6dab58afe2ded44935c988c8e461def0e7040c8f65
SSDEEP: 3072:hGU0Ivg461pW09rkkhfKEvaQYFz9ejlLbobgum1krNHDh7RFGkBUjis3RMLB:hGU0cLo00mCQh9IlvogVC5N7rfUuaMLB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_df1eb987830bda517469d30806e774ad
Files
JaffaCakes118_df1eb987830bda517469d30806e774ad.exe windows:4 windows x86 arch:x86
b76d908ccd568d55973340ccc8806386
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetAtomNameA
CompareFileTime
VirtualFree
WriteFile
LocalFree
GetSystemTime
SetEvent
SystemTimeToTzSpecificLocalTime
GetEnvironmentVariableA
GetTempPathA
GetCurrentProcessId
SetFilePointer
ResetEvent
GetTickCount
LoadLibraryA
GetCurrentProcess
EnumResourceTypesW
GetSystemDirectoryW
GetProcAddress
HeapAlloc
SystemTimeToFileTime
OpenEventA
HeapFree
CreateThread
Sleep
GetSystemInfo
CreatePipe
newdev
UpdateDriverForPlugAndPlayDevicesW
oleacc
LresultFromObject
CreateStdAccessibleObject
CreateStdAccessibleProxyW
Sections
.text Size: 81KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 400KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 81KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ