69f4dfbd548a3086909345a80f8769b5_JaffaCakes118 | Triage

Sharing

General

Target

69f4dfbd548a3086909345a80f8769b5_JaffaCakes118
Size

270KB
MD5

69f4dfbd548a3086909345a80f8769b5
SHA1

16f5331e1b474f03b7078a6853cf4c728825bbb7
SHA256

6075ef96eb7b8c6c4c6dcda7111b616780bb147b062769854c2da029d787fa05
SHA512

087309aaf4d183eb492d49625535e7e74adf76947fdd0b94073bb4c10854727ab3db9ccca4a4417b3ca64fdcbf7f7f0ef8ba4644a6c7c239fe9a9ba9ae307c27
SSDEEP

6144:dsSQpKS8uLhJfqyKy6+BNViBY4NE+4xqoQT0Lrz:dscuLL++BuVssXsr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69f4dfbd548a3086909345a80f8769b5_JaffaCakes118

Files

69f4dfbd548a3086909345a80f8769b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b4710fd4b91999d3523773b336f8ee19

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandA
sndPlaySoundA

shlwapi

PathAddBackslashA

kernel32

GetModuleFileNameA
HeapCreate
TlsSetValue
AddAtomA
TerminateProcess
SetLastError
TlsGetValue
SetEndOfFile
GetEnvironmentStrings
TlsAlloc
TlsFree
VirtualAlloc
HeapSize
InterlockedExchange
GetStdHandle
EnumResourceNamesA
GetCurrentProcess
FreeEnvironmentStringsA
GetFileType
FreeEnvironmentStringsW
GetSystemInfo
IsBadStringPtrW
VirtualFree
GetACP
GetLocaleInfoA
IsBadWritePtr
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
GetVersionExA
UnhandledExceptionFilter

setupapi

CM_Get_Depth_Ex
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ