JaffaCakes118_96b6ffea96174c7f7ff34bad220adba7 | Triage

Sharing

General

Target

JaffaCakes118_96b6ffea96174c7f7ff34bad220adba7
Size

183KB
MD5

96b6ffea96174c7f7ff34bad220adba7
SHA1

6dfce6b3ead68e7ae4aac460ad210684945001d6
SHA256

0b9a63ff09f9cf705628dffffd9663f65688be2739b0dacc34a006efaa457e40
SHA512

99660231d195fee95a6824a2e3667159a94d962e26d2a13c9fc511ab2cbf39c9c26572f95c93a54de316532537d22509a5c440449e934b0a3f1c831bc60ea036
SSDEEP

3072:4zUGeo3we42KSPmDIuvfTzNXhg1rUyaYVk8r68i/kRylgEe2O0:NGepeCqmHnDwrVLOf/NQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_96b6ffea96174c7f7ff34bad220adba7

Files

JaffaCakes118_96b6ffea96174c7f7ff34bad220adba7
.exe windows:4 windows x86 arch:x86

ce19b8fb0a52108c2f1ac8444e03c330

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetIpAddrTable

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

shell32

SHGetFolderPathW

shlwapi

StrCmpNIA
StrStrA

kernel32

GetStartupInfoA
AddAtomA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetOEMCP
GetEnvironmentStringsW
GetCPInfo
EnumResourceLanguagesW
WriteFile
GetPrivateProfileStructW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 92KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ