af542522583d896ceae04e8d135c7e91_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af542522583d896ceae04e8d135c7e91_JaffaCakes118
Size

173KB
MD5

af542522583d896ceae04e8d135c7e91
SHA1

9f56cd7d84a9545205eaf6dae8413ff627957507
SHA256

21d2dafc38e5db4683bbc090e0b22958ecd1c08ed07cf919c9aff74b04d0d028
SHA512

9ea4304d4dc7fdeefa8e190a36be6ee25112009bf4771cc35222d8017404e85ef315b9c7673c58cc442285dcf51e8ed35c110d6bfa84f34ae32c481e279a895a
SSDEEP

3072:1df6Vj981P6N2yAGBRCZNMBMKKNkmAaQZrjzHE3AoejyKJ7kI7dRBwL2W3:KggCCCZNMBM7Nkmm1PHyArjym7tdReLX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af542522583d896ceae04e8d135c7e91_JaffaCakes118

Files

af542522583d896ceae04e8d135c7e91_JaffaCakes118
.exe windows:4 windows x86 arch:x86

91c3346f5081480676b08f037f91e2c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandA
sndPlaySoundA

setupapi

InstallCatalog
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

LoadLibraryW
GetProcAddress
GetAtomNameW
lstrcpyA
OutputDebugStringA
EnterCriticalSection
Sleep
LeaveCriticalSection
IsDBCSLeadByte
ResetEvent
GetTickCount
CreateThread
SetEvent
EnumResourceNamesA
GetFullPathNameA
WaitForSingleObject
InitializeCriticalSection
QueryMemoryResourceNotification
GetTimeZoneInformation
DeleteCriticalSection
FileTimeToSystemTime
GetFullPathNameW
LoadLibraryA
GetTempPathA
FreeLibrary

shlwapi

PathAddBackslashA

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ