a358d017c0447f2f8db8f508a6d8101f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a358d017c0447f2f8db8f508a6d8101f_JaffaCakes118
Size

191KB
MD5

a358d017c0447f2f8db8f508a6d8101f
SHA1

5e0bf04a9e4499303b174ca1e95411d310a22ec8
SHA256

29b45682e9d707deec526d3af1d5d75d900cb7b8a4e48d940ea23c35d22bfc1e
SHA512

4c52ee7d12fc24bee32fc6b46aa672d5bad27ccc476ca39cf236400570d9cdb8b15e355014f247baf0866ec6b6103f389ff7087df04c5fa1b3ee2e07b67a3644
SSDEEP

3072:yjfs5rlJGaqwGw8Ej2lq2u/3DhIG0YhZ1z0ZBI1k+ChBHXkeMVtiSE:Gs5jVq68E07ST6GVh30ZBMGjH0tVt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a358d017c0447f2f8db8f508a6d8101f_JaffaCakes118

Files

a358d017c0447f2f8db8f508a6d8101f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

171398cc7d699e49f7a7ce5b7497fdf8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashA

oleacc

LresultFromObject
CreateStdAccessibleObject

setupapi

InstallCatalog
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

GetAtomNameW
IsDebuggerPresent
GetCurrentProcess
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
MultiByteToWideChar
InterlockedExchange
GetCurrentThreadId
GetSystemTimeAsFileTime
WideCharToMultiByte
TerminateProcess
EnumResourceNamesA
LocalAlloc
GetCurrentProcessId
UnhandledExceptionFilter
Sleep
QueryMemoryResourceNotification
GetACP
GetTickCount
SetUnhandledExceptionFilter
InterlockedCompareExchange
GetLocaleInfoW
lstrlenA
GetEnvironmentVariableW
CreateProcessW
lstrlenW
RaiseException
GetThreadLocale

winmm

mciSendCommandA
sndPlaySoundA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ