72593a603eaabb54cf4fde67ac168b88_JaffaCakes118 | Triage

Sharing

General

Target

72593a603eaabb54cf4fde67ac168b88_JaffaCakes118
Size

172KB
MD5

72593a603eaabb54cf4fde67ac168b88
SHA1

94792dea0ca2aeb8a619c80ebed2ffcb4dd8465f
SHA256

ef6860d992093497d74c885b7c17e390c637df00346c2420d457500fd73e7b79
SHA512

d7b9fa40ccbe834758b8a5176162ad538ac820aa0a09177d38a7770b196e34956d9cfa914ea27957c1fc25052c5b00436c2a64084e481868dcb1cc6955dab757
SSDEEP

3072:bZSto+pGR5JICSEg82fXGr06p7TfS/PQ5YCjlhBYgIpYG21OlCE:aE8CSx82Oz7T93BhBYzpYzS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72593a603eaabb54cf4fde67ac168b88_JaffaCakes118

Files

72593a603eaabb54cf4fde67ac168b88_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3be84b807e6dda6dcbf8003b76a14bff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandA
sndPlaySoundA

kernel32

GetEnvironmentStringsW
SetHandleCount
GetEnvironmentStrings
AddAtomA
GetACP
GetStdHandle
SetLastError
TerminateProcess
GetLocaleInfoA
TlsFree
VirtualAlloc
FreeEnvironmentStringsW
EnumResourceNamesA
GetSystemInfo
HeapSize
IsBadWritePtr
TlsSetValue
GetCurrentProcess
VirtualFree
GetVersionExA
InterlockedExchange
IsBadStringPtrW
FreeEnvironmentStringsA
TlsAlloc
GetFileType
HeapCreate
GetModuleFileNameA
SetEndOfFile
GetStartupInfoA
TlsGetValue
UnhandledExceptionFilter

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

shlwapi

PathAddBackslashA

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ