d22c306ec481075286b7fc58ded30e3f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d22c306ec481075286b7fc58ded30e3f_JaffaCakes118
Size

170KB
MD5

d22c306ec481075286b7fc58ded30e3f
SHA1

0c930adf03be840cb7984b8703b8126bfab73f81
SHA256

2dbf8c6ff5a44cfd41d16b8010d489bb066e7e75f1d932512e62b1cc8f1f8a4d
SHA512

c51349bc774c647c0fbce429cca0d110921ce48d9a6ad559a08a683be0fa900a623688ce9dc70539e1ec31ba1a9b62bfcafada8b8238ad9b6819743da062dc0e
SSDEEP

3072:YE8dXRkgFEsKv0IonQU0Mq7/N15Tpq7rLEH48qd4pouQ7fjQ7aRH+K:92kjHFoQvMq7/ZTe/tIa7RP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d22c306ec481075286b7fc58ded30e3f_JaffaCakes118

Files

d22c306ec481075286b7fc58ded30e3f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7371827ede848cde6b3bd91c33d26444

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashA

setupapi

InstallCatalog
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

msimg32

AlphaBlend
TransparentBlt

kernel32

DeleteCriticalSection
OutputDebugStringA
GetAtomNameW
LeaveCriticalSection
CreateThread
WaitForSingleObject
LoadLibraryW
InitializeCriticalSection
IsDBCSLeadByte
ResetEvent
EnumResourceNamesA
GetProcAddress
GetTickCount
SetEvent
QueryMemoryResourceNotification
GetFullPathNameW
GetTempPathA
LoadLibraryA
EnterCriticalSection
Sleep
GetTimeZoneInformation
FileTimeToSystemTime
GetFullPathNameA
lstrcpyA
FreeLibrary

winmm

mciSendCommandA
sndPlaySoundA

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ