4b7f058d55adc600bcb1af06e98b4e5c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b7f058d55adc600bcb1af06e98b4e5c_JaffaCakes118
Size

175KB
MD5

4b7f058d55adc600bcb1af06e98b4e5c
SHA1

010c17f0a1ea41f981b8c0ed4b4c96e64e2f8a56
SHA256

ad20239f71853d79def73f20cd846bd5d38c3e03be4b565f027f92ba9171f0a8
SHA512

91944290c4444ca6d157c8ae1bedb7e787bc5e6eabbd2dc4440d2436c279325c44fa9c2f584b4fb01c55792083b44db7cbb4005653ba9612f4fb2377b2d6b619
SSDEEP

3072:AKWDpPQSACnnnPOljkEhdHtkHP+5jSRh4bTwW6CNK9ttbfdwndpWdqOzaktzx:AKWDZnnmlXhdNsW5S8b0pltbfEIqOzau

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b7f058d55adc600bcb1af06e98b4e5c_JaffaCakes118

Files

4b7f058d55adc600bcb1af06e98b4e5c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d54ea61226154db1486464b63d1c839c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA

setupapi

InstallCatalog
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

winmm

mciSendCommandA
sndPlaySoundA

kernel32

LoadLibraryA
LeaveCriticalSection
GetAtomNameW
Sleep
GetTickCount
GetTimeZoneInformation
InitializeCriticalSection
DeleteCriticalSection
OutputDebugStringA
GetTempPathA
GetProcAddress
LoadLibraryW
EnumResourceNamesA
SetEvent
EnterCriticalSection
WaitForSingleObject
IsDBCSLeadByte
QueryMemoryResourceNotification
GetFullPathNameW
lstrcpyA
GetFullPathNameA
CreateThread
ResetEvent
FileTimeToSystemTime
FreeLibrary

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ