JaffaCakes118_43d726c3fcb08b40a64b6b5f05abde18 | Triage

Sharing

General

Target

JaffaCakes118_43d726c3fcb08b40a64b6b5f05abde18
Size

183KB
MD5

43d726c3fcb08b40a64b6b5f05abde18
SHA1

d20240914846f910be266d50db6cf2d303f829e5
SHA256

21ffcfe26ff5e2b7368eca613b90a94e168175f355afc6e23785442a73f0b09e
SHA512

474fc849f786ef68c885809a00e45d0446dad600e32f37d5aaacb669e87cfad4b1342ca5a074a83e9ae6e596985f1e31264303115479688242cf525241c96ad9
SSDEEP

3072:hzIIiglntYsALBO6tBONx+LMG/kh8rhg1rUyaYVk8r68i/kRylgEe2O0:OITHAM+BsrKFwrVLOf/NQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_43d726c3fcb08b40a64b6b5f05abde18

Files

JaffaCakes118_43d726c3fcb08b40a64b6b5f05abde18
.exe windows:4 windows x86 arch:x86

b9a8c64504015470eeb803fb73c5231b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

GetVersionExA
AddAtomA
GetModuleHandleA
HeapFree
TlsSetValue
TlsGetValue
HeapAlloc
EnumResourceLanguagesW
GetProcAddress
GetPrivateProfileStructW
ExitProcess
TlsAlloc
FlushFileBuffers
GetProcessHeap
TlsFree

setupapi

CM_Get_Parent
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

comctl32

ImageList_DragLeave
ImageList_DragMove
ImageList_DragEnter

shell32

SHGetFolderPathW

shlwapi

StrCmpNIA
StrStrA

iphlpapi

GetIpAddrTable

Sections

.text
Size: 92KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ