8c675a888d0a2281af8cb91cc8864e34_JaffaCakes118 | Triage

Sharing

General

Target

8c675a888d0a2281af8cb91cc8864e34_JaffaCakes118
Size

181KB
MD5

8c675a888d0a2281af8cb91cc8864e34
SHA1

5ef4864f9b4d1a807195254124cfbddb94924491
SHA256

13a7da4a12ea950b95d919828dde988a65a207bc27e6697b5803121456ad26ae
SHA512

533376f7302bd8c236135396fea3e9e022ed64dbd8858d0ae36f2ca7171ec8ecea32b8b4a65b090f816ccce7aa0374790cde46f1c491a97b7b9736924659ddd1
SSDEEP

3072:M1dt224kfBEac9MfAfddQNH26jQiO704yp2hh6R8pKi3NC+eDgCDdJ:uy2HEac9MfAFdQyf7P5h+8pp2Dvf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c675a888d0a2281af8cb91cc8864e34_JaffaCakes118

Files

8c675a888d0a2281af8cb91cc8864e34_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5dae92678e66746cea4b4f14353eef40

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

setupapi

InstallCatalog
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

shlwapi

PathAddBackslashA

winmm

mciSendCommandA
sndPlaySoundA

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA

kernel32

GetAtomNameW
CreateProcessW
lstrlenW
GetLocaleInfoW
GetSystemTimeAsFileTime
UnhandledExceptionFilter
InterlockedExchange
IsDebuggerPresent
GetACP
GetStartupInfoW
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
lstrlenA
WideCharToMultiByte
GetCurrentProcessId
EnumResourceNamesA
InterlockedCompareExchange
QueryPerformanceCounter
GetEnvironmentVariableW
GetCurrentThreadId
TzSpecificLocalTimeToSystemTime
GetTickCount
GetCurrentProcess
TerminateProcess
MultiByteToWideChar
RaiseException
LocalAlloc
GetThreadLocale

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ