2b525716f59311ff851ad8eaa1925e99_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b525716f59311ff851ad8eaa1925e99_JaffaCakes118
Size

1.6MB
MD5

2b525716f59311ff851ad8eaa1925e99
SHA1

4c4b698f08430164f4a630d9220d4f10e2e76da1
SHA256

c7a96afe15650e0c131b8fa7ff29410f7827ce6802eeba23a734026b6916e1d1
SHA512

57bfd8a4b007f8bd7ee59348d4547eabc7029f0a2fe5c2476583d1985c72905525857dd0a42105bf734696e4d26a6f8048fe7f8e858e1f9390513f5fc370e761
SSDEEP

24576:5oGoSz8wZQdkKEmf3i7yppSuNr7LsNGD0nwm5cdsP5JoF+VdIsLACky5O6sv0D:xoSzd35QpSyfLowgcduVOsbZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b525716f59311ff851ad8eaa1925e99_JaffaCakes118

Files

2b525716f59311ff851ad8eaa1925e99_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f5e4d956e15eb9b9a6f10e91b712e7c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandW
sndPlaySoundW

setupapi

CM_Get_Depth_Ex
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

shlwapi

PathAddBackslashW

kernel32

TlsSetValue
SetLastError
GetVersionExW
AddAtomW
GetTempPathW
GetProcessHeap
TlsGetValue
WriteConsoleW
CreateFileMappingA
GetEnvironmentVariableW
InterlockedIncrement
GetModuleHandleW
FlushFileBuffers
GetLastError
TlsAlloc
GetModuleHandleA
ExitProcess
CreateFileW
EnumResourceNamesA
GetConsoleMode
GetVersionExA
VerLanguageNameA
GetProcAddress
HeapAlloc
CreateFileA
LoadLibraryExW
InterlockedDecrement
UnmapViewOfFile
TlsFree
MapViewOfFile
HeapFree
GetConsoleCP
Sleep

Sections

.text
Size: 818KB - Virtual size: 817KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 846KB - Virtual size: 846KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ