46bc5fa24eabccb288c03efd14786ae8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46bc5fa24eabccb288c03efd14786ae8_JaffaCakes118
Size

172KB
MD5

46bc5fa24eabccb288c03efd14786ae8
SHA1

cb57d0e59ee3c1391b71f4da8236c52780247242
SHA256

4fac6edc4218baff1c1550df065ee826dd5ce26a9b0d470d0978af40fdd3e6a5
SHA512

f2ec756af5fd718a77a98c8aa858bfefeddb7f55725b5150feef38390d3351a39d8c6ca5223de3d2d03d89fb614e2eab7a87b5ec5b95f87d1c124392c86aeff1
SSDEEP

3072:OxImS8Dv2HADLdKDmyp2SIep20o9Xq/6GJsTNu+Rp4NIghAmdbh:1YvaADLdwmG2SIep2J6/6GaTNDMhV9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46bc5fa24eabccb288c03efd14786ae8_JaffaCakes118

Files

46bc5fa24eabccb288c03efd14786ae8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87f4e8abe2a2917930f677fe7ad6d105

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashA

winmm

mciSendCommandA
sndPlaySoundA

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

GetSystemInfo
GetStartupInfoA
AddAtomA
VirtualAlloc
TlsFree
GetStdHandle
FreeEnvironmentStringsA
GetLocaleInfoA
GetEnvironmentStringsW
GetACP
HeapSize
TlsSetValue
VirtualFree
SetLastError
GetFileType
HeapCreate
EnumResourceNamesA
TerminateProcess
GetEnvironmentStrings
TlsGetValue
TlsAlloc
IsBadStringPtrW
IsBadWritePtr
SetEndOfFile
GetModuleFileNameA
InterlockedExchange
FreeEnvironmentStringsW
GetCurrentProcess
GetVersionExA
SetHandleCount
UnhandledExceptionFilter

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ