JaffaCakes118_a8ff745156c0a821387e15ab395d0aa9 | Triage

Sharing

General

Target

JaffaCakes118_a8ff745156c0a821387e15ab395d0aa9
Size

279KB
MD5

a8ff745156c0a821387e15ab395d0aa9
SHA1

3e23d2cb833412cc34269ec27260d5c9f9d638b4
SHA256

0f37452f60e35d1495f80350df4ddd488e3c495d2094f2804fdc3c20dde749d5
SHA512

17d679f21591804416e562bee48e5e02256daa18c4820b44f98d6bb5351710c4a8d9db7fcbd0423de4680835d77637d0beac153af783acc41c2898715bcbf0bb
SSDEEP

6144:e2MZZls4+jJCJ+pzcl0Ya5IdVowijuPeP1Ax3w6Qr:VMZZls40J68U6IdSxjOwmi6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_a8ff745156c0a821387e15ab395d0aa9

Files

JaffaCakes118_a8ff745156c0a821387e15ab395d0aa9
.exe windows:4 windows x86 arch:x86

34b40c09bf82d94a90f8086d1c56ce60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

WriteFile
ReadFile
AddAtomA
WinExec
GetVersionExW
MoveFileW
GetDriveTypeW
GlobalReAlloc
SetLastError
GetModuleHandleA
GlobalSize
GlobalFree
SetFileAttributesW
FindNextFileW
IsDBCSLeadByteEx
lstrlenW
SetFilePointer
DeleteFileW
GetProcAddress
GetFileTime
GetVersion
EnumResourceNamesW
FindFirstFileW
CloseHandle
UnlockFile
GetCurrentDirectoryW
CheckNameLegalDOS8Dot3W
SetFileTime
LockFile
LoadLibraryW
SearchPathW
GetVolumeInformationW
GetFileAttributesW
GetModuleFileNameW
GetFileSize
FindClose
IsDBCSLeadByte
OutputDebugStringA
GlobalUnlock
GetModuleHandleW
GetSystemDefaultLCID
GlobalAlloc
GetACP
GetLastError

Sections

.text
Size: 146KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ