af5b0efed7b79641fc3541d99ca8a37e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af5b0efed7b79641fc3541d99ca8a37e_JaffaCakes118
Size

275KB
MD5

af5b0efed7b79641fc3541d99ca8a37e
SHA1

7eacc419c164c87191ef5861ab4a694480f0453d
SHA256

b88a3bd6cd0ff7377d59c71f7da17b4f02a6446f72f781d6e5b6fa2f19bd61c8
SHA512

3c05b3b22ef3671ad3cd02fd46181942e6fe6958f681bdbc6153d5eaf48866040bceaaddfa5677385c6ef98b2c92052b703def99f0dc1c7f7a51942a98a08178
SSDEEP

6144:ZX7boAT4I63XttvmN5TZc9hsC2aaz4V1oErdw9iwE/PBv7Rwbm+:VXT4p3XtM7khsNaxVaEWEHZTRmb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af5b0efed7b79641fc3541d99ca8a37e_JaffaCakes118

Files

af5b0efed7b79641fc3541d99ca8a37e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1cd7ee125cb83d4edae695f11bbf2e53

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashA

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

TlsGetValue
SetLastError
AddAtomA
HeapSize
GetVersionExA
GetACP
SetEndOfFile
GetLocaleInfoA
TlsFree
GetFileType
GetModuleFileNameA
TlsAlloc
SetHandleCount
TerminateProcess
VirtualAlloc
IsBadWritePtr
EnumResourceNamesA
FreeEnvironmentStringsW
VirtualFree
GetCurrentProcess
GetStdHandle
FreeEnvironmentStringsA
HeapCreate
GetStartupInfoA
GetEnvironmentStringsW
IsBadStringPtrW
TlsSetValue
InterlockedExchange
GetEnvironmentStrings
GetSystemInfo
UnhandledExceptionFilter

winmm

mciSendCommandA
sndPlaySoundA

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ