JaffaCakes118_1908ab6d26e6326da28684182a90f101 | Triage

Sharing

General

Target

JaffaCakes118_1908ab6d26e6326da28684182a90f101
Size

276KB
MD5

1908ab6d26e6326da28684182a90f101
SHA1

1e7006908ec23cfb263b7715f7c2146116c00a8b
SHA256

a3ee5513d7b4a45e0443d914b343b7e7f0127b67661ce28f5e2bb939fef739a8
SHA512

b46325f239eeef51f165dc4534608f5e089c3c2c55e1bfdc7e4ce773de2cb0372ac1ccac313cc8906e85f1debbe78dad1587c8d1b2bc403592b2d168b7f31b69
SSDEEP

6144:hQFbHhfUo3rTACgHk+YZPnO+ws75v6HyND/mMwecBt:hYBx3rcfERfOO7iy/mM2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_1908ab6d26e6326da28684182a90f101

Files

JaffaCakes118_1908ab6d26e6326da28684182a90f101
.exe windows:4 windows x86 arch:x86

2f2b1af31d70a3f347d895c9c410ea63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
TlsAlloc
BaseFlushAppcompatCache
TlsFree
GetACP
IsBadWritePtr
HeapDestroy
InterlockedExchange
SetEndOfFile
EnumResourceTypesA
GetSystemTimeAsFileTime
HeapCreate
VirtualFree
CreateMailslotW
VirtualQuery
SetLastError
VirtualAlloc
GetLocaleInfoA

newdev

UpdateDriverForPlugAndPlayDevicesA

oleacc

AccessibleChildren
CreateStdAccessibleProxyA

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ