a1affef2c942c277fa23e31a53f840b7_JaffaCakes118 | Triage

Sharing

General

Target

a1affef2c942c277fa23e31a53f840b7_JaffaCakes118
Size

187KB
MD5

a1affef2c942c277fa23e31a53f840b7
SHA1

40c6419bf5a92c78c62189e55397d7967474dc89
SHA256

addccc6d438eed74008363f671dfbf2a47cb31f1d311ed6ed3ee13c520b74aa1
SHA512

06de8645f4ca5068b48ea780a368053b87eb8579fda30466fcdf8ea0a0b230316a3e22d5fe0fed792fe10d4b0131e7ed37950ce0578a293811da15254e2668a9
SSDEEP

3072:1I9RlW6r+ICwLbc247iJICBTTTr+U0c+5qTe4b+eHcxBc5XZ3+qn2bKkqXcO:ueZyy7iJ7yrcNTee+eHEBc5JRX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1affef2c942c277fa23e31a53f840b7_JaffaCakes118

Files

a1affef2c942c277fa23e31a53f840b7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a5849d014342a32cfffeea8862731c96

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandA
sndPlaySoundA

setupapi

InstallCatalog
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

GetAtomNameW
LoadLibraryW
LeaveCriticalSection
SetEvent
GetProcAddress
FileTimeToSystemTime
GetTimeZoneInformation
GetFullPathNameA
EnterCriticalSection
GetTickCount
EnumResourceNamesA
LoadLibraryA
lstrcpyA
GetFullPathNameW
InitializeCriticalSection
GetTempPathA
Sleep
QueryMemoryResourceNotification
CreateThread
IsDBCSLeadByte
DeleteCriticalSection
ResetEvent
WaitForSingleObject
OutputDebugStringA
FreeLibrary

shlwapi

PathAddBackslashA

advapi32

RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ