2890c6550a8d0cb6b37e02fc1edef1ac_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2890c6550a8d0cb6b37e02fc1edef1ac_JaffaCakes118
Size

176KB
MD5

2890c6550a8d0cb6b37e02fc1edef1ac
SHA1

8cf6354e2b55fcfae8fb6bc505cd0648bc33b20d
SHA256

cc494a77a2e645ec559baf1b7846d2e86ee4a430344f36f6b52b8bdb16061b86
SHA512

220caf87ee48c1c2de8955d58573ac8ff721e1d4740935e2b50330208e8893f654c32e08d8ec7a177252c392884a2296e83896325b69c99c82e38f94913aba0e
SSDEEP

3072:haC7leSLoVyHecDLdLOQhdP7nRJnb/Vrjhvsx6ixZ:haCZnaiHdLZdTnb/Vrj5otZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2890c6550a8d0cb6b37e02fc1edef1ac_JaffaCakes118

Files

2890c6550a8d0cb6b37e02fc1edef1ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ee542441b5a3c072a50d8eee610be05

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
ExitProcess
AddAtomW
FlushFileBuffers
GetModuleHandleA
SetLastError
LoadLibraryExW
GetEnvironmentVariableW
CreateFileA
GetVersionExW
GetModuleHandleW
TlsFree
HeapFree
WriteConsoleW
UnmapViewOfFile
TlsAlloc
GetTempPathW
InterlockedIncrement
GetConsoleMode
EnumResourceNamesA
VerLanguageNameA
CreateFileMappingA
GetProcAddress
GetVersionExA
GetProcessHeap
CreateFileW
GetConsoleCP
MapViewOfFile
InterlockedDecrement
HeapAlloc
GetLastError
TlsSetValue
Sleep

winmm

mciSendCommandW
sndPlaySoundW

shlwapi

PathAddBackslashW

setupapi

CM_Get_Depth_Ex
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyA
CM_Get_DevNode_Status

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ