JaffaCakes118_a0d8a6d05e49d40dcde008467422135e | Triage

Sharing

General

Target

JaffaCakes118_a0d8a6d05e49d40dcde008467422135e
Size

174KB
MD5

a0d8a6d05e49d40dcde008467422135e
SHA1

fc8a6f42d9da69e1dde86568b4efef612b575f3e
SHA256

63937432ce8cbce3d93cf782d5d568b342b491a3a3a5c804ba17c59e66afdba9
SHA512

3a05a5e52ff5aff1730822d2ad6a5b3609f05d1233dbea519316c404fc07e0bb3ee03bffe3bf47fc1dfa9f955461d72a5ddd150bafadcdf703b06baa84dbf2a4
SSDEEP

3072:v1wKJ+803oJr5d/JWunRd1obDUkktXvIZ5P2i1:vm0+803oJtdht2bDUTt0T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_a0d8a6d05e49d40dcde008467422135e

Files

JaffaCakes118_a0d8a6d05e49d40dcde008467422135e
.exe windows:4 windows x86 arch:x86

aa3551ab2a2d2fb39555487b2e738612

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

kernel32

GetCalendarInfoW
RtlUnwind
RaiseException
VirtualFree
GetACP
GetCPInfo
SetEndOfFile
ExitProcess
ReadFile
HeapReAlloc
InitializeCriticalSection
HeapDestroy
GetOEMCP
EnumResourceNamesA
HeapCreate
FreeEnvironmentStringsA
VirtualAlloc
HeapSize
SetFilePointer
DeleteCriticalSection
EnterCriticalSection
GetStartupInfoA
IsValidCodePage
LeaveCriticalSection
SetEnvironmentVariableA

ole32

CoGetMalloc
CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoInitializeSecurity
CoUninitialize
CoQueryProxyBlanket
CoSetProxyBlanket
StringFromGUID2

rpcrt4

UuidCreate

newdev

UpdateDriverForPlugAndPlayDevicesW

user32

IsWindow
DestroyWindow
GetDlgItem
EnumChildWindows
CreateWindowExW
SendMessageA
GetWindowThreadProcessId

shell32

SHGetFolderPathW

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ