a0ab29391493f9467b58583dd0c63bc2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a0ab29391493f9467b58583dd0c63bc2_JaffaCakes118
Size

178KB
MD5

a0ab29391493f9467b58583dd0c63bc2
SHA1

748cb5a699e14f359033d271961f4ccc3e9274f2
SHA256

016011faa53f50a8eb7dba8bf007ff116f2d89733cbd32f6cbb2d32342d6ae75
SHA512

eedf56fac4b9ea3ee162952b605106554e99595e389ea3c76f96d9db1f89b70519af532886ed05ef3f3b5f8c044550df97ed36d60dd2e17332275d0c05af1e57
SSDEEP

3072:cWVeanJ5Y8wZ+gmPWUMlfqsMsjk4MZ+PuUGuHozTgR31ZnJg2R2Jknd3:lJ5E0WJQsZfk+PuUGuQgPnZw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0ab29391493f9467b58583dd0c63bc2_JaffaCakes118

Files

a0ab29391493f9467b58583dd0c63bc2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

908380d4c371d263ab018e80f8a26067

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA

kernel32

TerminateProcess
UnhandledExceptionFilter
WideCharToMultiByte
InterlockedExchange
GetAtomNameW
MultiByteToWideChar
lstrlenW
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetLocaleInfoW
InterlockedCompareExchange
GetEnvironmentVariableW
EnumResourceNamesA
LocalAlloc
CreateProcessW
GetCurrentProcessId
Sleep
lstrlenA
QueryMemoryResourceNotification
GetStartupInfoW
GetCurrentThreadId
IsDebuggerPresent
RaiseException
GetCurrentProcess
GetSystemTimeAsFileTime
GetACP
GetModuleHandleW
GetTickCount
GetThreadLocale

oleacc

LresultFromObject
CreateStdAccessibleObject

shlwapi

PathAddBackslashA

setupapi

InstallCatalog
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

winmm

mciSendCommandA
sndPlaySoundA

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ