JaffaCakes118_38728d9907553634d48d7273063b11e2 | Triage

Sharing

General

Target

JaffaCakes118_38728d9907553634d48d7273063b11e2
Size

164KB
MD5

38728d9907553634d48d7273063b11e2
SHA1

c91fda7d6e0c081c10a8e36f006ada0a24540ff3
SHA256

71e645fa6968a5308e315fff5cc17aaba73125b2161d5c9806aee68b8a95e8e5
SHA512

72ca8fd47a8896ca339415c45a3d0f2640d42f6eb4783e9fa8b2d7feda096a50465b6ffdc99955738c8cb2423eab829c38e09017ae92e660a5eff2857cb2e0ab
SSDEEP

3072:RUVFkahDKNON9Ls+u3PPRrih4eexeeuRC8F4eyFcKkMtIyzQfCiroDRPL:eFLJM5riRMUPCzcKhnzQKLD5L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_38728d9907553634d48d7273063b11e2

Files

JaffaCakes118_38728d9907553634d48d7273063b11e2
.exe windows:4 windows x86 arch:x86

ee29384ee24d655b1afb822887c53796

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalHandle
FindFirstFileA
GlobalGetAtomNameW
WriteFile
QueryPerformanceCounter
IsDBCSLeadByte
lstrlenA
EnumResourceLanguagesW
FindNextFileA
GetCurrentProcessId
EnumResourceTypesA
ReadFile
CreateMailslotA
WideCharToMultiByte
GetModuleHandleA
SetFilePointer
GetCurrentThreadId
FindClose

oleacc

AccessibleChildren
CreateStdAccessibleProxyA

newdev

UpdateDriverForPlugAndPlayDevicesA

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ