f2cbb52e9371903249c0b79c9e0f3ba5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f2cbb52e9371903249c0b79c9e0f3ba5_JaffaCakes118
Size

172KB
MD5

f2cbb52e9371903249c0b79c9e0f3ba5
SHA1

46a8ec8b808892383dd6bab271dbd39326f99ab2
SHA256

c63b2e4ae81b9d3756adaeae5915086e4be8e3f950b23d93aadb6067f7752dc3
SHA512

2458707cde9679222aa3b23a2c39eba4e4330e47f924d5db8330872a9d45b5f5cf572082bc20f3ed56f68b2861bd5e3be7bcc97a236e799dfb3a296f377d143b
SSDEEP

3072:Atn7n0R02lVHd7LV8deTq3h0naW9DE968TIpB/5OP9goC0REQNesw9SXatr04P:Ax7nSlVHFJaaqx0aW9d8TIHAVBCowpy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f2cbb52e9371903249c0b79c9e0f3ba5_JaffaCakes118

Files

f2cbb52e9371903249c0b79c9e0f3ba5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4b91a407ad1a35a798c468b08f03c7a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

SetEndOfFile
GetEnvironmentStringsW
IsBadWritePtr
AddAtomA
VirtualAlloc
TlsFree
TlsAlloc
SetLastError
HeapCreate
InterlockedExchange
TerminateProcess
TlsSetValue
TlsGetValue
GetEnvironmentStrings
GetStdHandle
GetACP
EnumResourceNamesA
FreeEnvironmentStringsW
GetFileType
HeapSize
GetVersionExA
FreeEnvironmentStringsA
GetModuleFileNameA
IsBadStringPtrW
GetSystemInfo
GetCurrentProcess
VirtualFree
GetLocaleInfoA
SetHandleCount
GetStartupInfoA
UnhandledExceptionFilter

shlwapi

PathAddBackslashA

winmm

mciSendCommandA
sndPlaySoundA

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ