0e6c21ac77d6317691fbed7b3ff7908f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e6c21ac77d6317691fbed7b3ff7908f_JaffaCakes118
Size

169KB
MD5

0e6c21ac77d6317691fbed7b3ff7908f
SHA1

c1a4ea3990da5cb4b5cc574de14c793473fc4b7e
SHA256

e0dac7c4162cf562995a06a352011aa48f6577ac48cb59f559975c71504f5c94
SHA512

0a702517074006aad6c3ec6723124ae14f1ccfdd6484c4b64e1d167e18058689eaf65699fb7af2b0ccad3a8848cac575cf751204cd07b3e55b46edee9f415215
SSDEEP

3072:hmUamulpsZsMfhuR4Lg0n7jp1ZbGnfJLGL0JarzXFT/2z1tB:hpaJbsZb5uR4LgG7jfZbMhLGL0SzXgz9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e6c21ac77d6317691fbed7b3ff7908f_JaffaCakes118

Files

0e6c21ac77d6317691fbed7b3ff7908f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

38e95b44ff92a7f64ec4a2aa81eaee47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashA

winmm

mciSendCommandA
sndPlaySoundA

kernel32

CreateThread
IsDBCSLeadByte
GlobalAddAtomW
ResetEvent
WaitForSingleObject
FileTimeToSystemTime
GetTimeZoneInformation
GetProcAddress
EnterCriticalSection
GetFullPathNameW
InitializeCriticalSection
EnumResourceNamesA
SetEvent
DeleteCriticalSection
GetTempPathA
LeaveCriticalSection
LoadLibraryA
VerLanguageNameA
Sleep
GetTickCount
lstrcpyA
GetFullPathNameA
OutputDebugStringA
LoadLibraryW
FreeLibrary

msimg32

AlphaBlend
TransparentBlt

setupapi

InstallCatalog
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ