JaffaCakes118_e8d516a1d4cea6637adea75d8c3a5741 | Triage

Sharing

General

Target

JaffaCakes118_e8d516a1d4cea6637adea75d8c3a5741
Size

273KB
MD5

e8d516a1d4cea6637adea75d8c3a5741
SHA1

437ad6e0c4a77d94fdd1d6de9d07e14bcd74249c
SHA256

1096bbe9d20f24b9e9f72afd59f14a256fef39b444727faaf2782c20211f615a
SHA512

082b9e1942beeabd9ee7866af58d90f26e6b603693c9b034d0c1c8d432dc56add6699163e31074e9c322662f4bf92d3f79643d286a41b728c779c8bbe3f49e6b
SSDEEP

6144:tNhloreqX/VThJt5VufH4pqsGEaImwlmckFMEukgD5:hyzX/3/5VDqEDmYzkF0kY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_e8d516a1d4cea6637adea75d8c3a5741

Files

JaffaCakes118_e8d516a1d4cea6637adea75d8c3a5741
.exe windows:4 windows x86 arch:x86

8ac657e986bb4a393fe5f3b10191d89a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringW
GetAtomNameA
MulDiv
GetProcAddress
GlobalSize
GetModuleHandleW
GetVersionExW
FindClose
LoadLibraryA
GetVersionExA
FindFirstFileW
Sleep
LoadLibraryW
LockResource
EnumResourceTypesW
InitializeCriticalSection
GetPrivateProfileStringW
GetSystemDirectoryW
GetPrivateProfileIntW
GetModuleFileNameW
DeleteCriticalSection
GetTickCount
LoadResource
MultiByteToWideChar
lstrlenW
FreeLibrary
GetLocaleInfoW

oleacc

LresultFromObject
CreateStdAccessibleObject
CreateStdAccessibleProxyW

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ