712c1ccef277aaacf13250ce652f5fbb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

712c1ccef277aaacf13250ce652f5fbb_JaffaCakes118
Size

176KB
MD5

712c1ccef277aaacf13250ce652f5fbb
SHA1

e099a9dcadfd9c6c9243194a22cc620be89c2720
SHA256

3f9579e3f00a4e01cc430a2141128e16affcff4ff3d555e6549ee3edd88fb7e5
SHA512

5f413658853d6f711cc18228c452b7f4b7fdf271d7dce9d8c634d3208b7ba83e2a91a3a457a34bed8c2d2cde65257bb42c45502799deb2e2d5c4521489a068e2
SSDEEP

3072:6CVH9q/whxmU95WhTf+q/nH6ShTqpx/z3uuTdtUHuczn8yFUV3aJSmYL+Nq99l5U:60ByU95+Tf+q/XqLb3uSdKBypaJSmYLN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
712c1ccef277aaacf13250ce652f5fbb_JaffaCakes118

Files

712c1ccef277aaacf13250ce652f5fbb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a8017fb236c345229dc5213581ca62e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth_Ex
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyA
CM_Get_DevNode_Status

winmm

mciSendCommandW
sndPlaySoundW

shlwapi

PathAddBackslashW

kernel32

GetModuleHandleW
GetVersionExW
GetConsoleCP
TlsFree
TlsAlloc
AddAtomW
TlsGetValue
GetEnvironmentVariableW
SetLastError
GetVersionExA
GetLastError
GetConsoleMode
GetTempPathW
CreateFileW
EnumResourceNamesA
InterlockedDecrement
FlushFileBuffers
WriteConsoleW
HeapAlloc
GetModuleHandleA
HeapFree
CreateFileA
UnmapViewOfFile
IsBadStringPtrW
InterlockedIncrement
TlsSetValue
ExitProcess
GetProcAddress
CreateFileMappingA
GetProcessHeap
MapViewOfFile
LoadLibraryExW
Sleep

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ