Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_17e28a792f2fea781c5038ed34ed2c05.exe
Resource
win7-20240903-en
General
Target
JaffaCakes118_17e28a792f2fea781c5038ed34ed2c05
Size
165KB
MD5
17e28a792f2fea781c5038ed34ed2c05
SHA1
bc2156d0821b3b1deb963aaa7443331781cd24a4
SHA256
66c501de1e311ae66ba47de335de4e16a8e3f858076498a8e3682853647dfc3f
SHA512
ac7f4aad1eb07479a62950f5e520cbd1c1ba08340fc24a7420f0eaa61010ab3fdb706bc2adfbb6782edc25c74c3cd5959b71e52f6adc07f4398ec17999dde9a8
SSDEEP
3072:7PlW+AhhuDcFQjXtMPXoJ6Q6QLl73qKk3cY:blWRuDcWX+PX7Il2KkMY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_17e28a792f2fea781c5038ed34ed2c05
Files
JaffaCakes118_17e28a792f2fea781c5038ed34ed2c05.exe windows:4 windows x86 arch:x86
b7b4e5460ca9f05d6e8288dcaa6512c3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
InitializeCriticalSection
WritePrivateProfileStringW
GetAtomNameA
LockResource
GetProcAddress
GetVersionExW
GetVersionExA
MulDiv
GetPrivateProfileStringW
GetModuleHandleW
FindClose
MultiByteToWideChar
lstrlenW
LoadLibraryA
GetTickCount
GlobalSize
EnumResourceTypesW
FreeLibrary
FindFirstFileW
GetSystemDirectoryW
LoadLibraryW
DeleteCriticalSection
GetModuleFileNameW
LoadResource
GetPrivateProfileIntW
Sleep
GetLocaleInfoW
oleacc
LresultFromObject
CreateStdAccessibleObject
CreateStdAccessibleProxyW
newdev
UpdateDriverForPlugAndPlayDevicesW
Sections
.text Size: 82KB - Virtual size: 82KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 400KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ