2d40952906455d11bba929bb776a6b46_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d40952906455d11bba929bb776a6b46_JaffaCakes118
Size

169KB
MD5

2d40952906455d11bba929bb776a6b46
SHA1

d110ee6bf89be98be0f864f568a2dd76c2dd74f7
SHA256

ac6208ea54250fc0c085eb7604447df1bde900f87d70f9aa088a413786e4cfea
SHA512

f31cb5db3e4747ed85eb7294dd7a1a514b7e4746af19a9d59d8563004532f4f892cd2363c0bfec5734633dfe753e7849b84ff51ae506748f7fdd0463bf994157
SSDEEP

3072:UjJz647RVbQY2ig6bkZu6BbSLaYGOn02P6rP3yr8nidnI0q+tRflSFhVeRyGjo:UjJzhRtQZig6BS5YorP3ysOnY+tRf+qU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d40952906455d11bba929bb776a6b46_JaffaCakes118

Files

2d40952906455d11bba929bb776a6b46_JaffaCakes118
.exe windows:4 windows x86 arch:x86

03bd7fd58bfdae2680bc55c2addcf8e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

InstallCatalog
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

shlwapi

PathAddBackslashA

msimg32

AlphaBlend
TransparentBlt

winmm

mciSendCommandA
sndPlaySoundA

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA

kernel32

GetAtomNameW
WaitForSingleObject
LeaveCriticalSection
GetTempPathA
IsDBCSLeadByte
GetProcAddress
LoadLibraryA
lstrcpyA
InitializeCriticalSection
SetEvent
OutputDebugStringA
CreateThread
GetTimeZoneInformation
EnumResourceNamesA
FileTimeToSystemTime
GetFullPathNameW
QueryMemoryResourceNotification
Sleep
GetTickCount
LoadLibraryW
DeleteCriticalSection
EnterCriticalSection
GetFullPathNameA
ResetEvent
FreeLibrary

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ