d2fec64a26adbd4bd307d0bd0b5080ed_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2fec64a26adbd4bd307d0bd0b5080ed_JaffaCakes118
Size

172KB
MD5

d2fec64a26adbd4bd307d0bd0b5080ed
SHA1

afdce7683e5a4efb2f3a577b6b9075e5afad3f7b
SHA256

f386201b376d2d562c7296c822642db057d53d6c60f0ec2d0b4062f44b68886d
SHA512

9c7d520bdb41b922cd245a8ba5093adfbd71c92046c071665fb49de0c018a5e185da4f0022e965cc70fc8c7066bef2763a9eb1ef8c0f26e569a56b03b97a744b
SSDEEP

3072:GIHTudDi4hJr+u4bZ1LB7vh0b1C9fsONkR7oCFl1fxA/E6bqqyO:L0Di4Hr+uQbDhiOQtx4EMqq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2fec64a26adbd4bd307d0bd0b5080ed_JaffaCakes118

Files

d2fec64a26adbd4bd307d0bd0b5080ed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fe6c441c53bcf6a93fc0aa4119c45f25

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
IsBadWritePtr
SetLastError
AddAtomA
GetACP
GetSystemInfo
GetVersionExA
GetEnvironmentStringsW
HeapCreate
GetLocaleInfoA
SetHandleCount
HeapSize
InterlockedExchange
EnumResourceNamesA
GetCurrentProcess
GetEnvironmentStrings
GetStartupInfoA
GetFileType
FreeEnvironmentStringsW
VirtualFree
GetModuleFileNameA
TlsSetValue
IsBadStringPtrW
SetEndOfFile
TerminateProcess
TlsAlloc
VirtualAlloc
GetStdHandle
TlsGetValue
FreeEnvironmentStringsA
UnhandledExceptionFilter

winmm

mciSendCommandA
sndPlaySoundA

setupapi

CM_Get_Depth_Ex
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

shlwapi

PathAddBackslashA

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ