d2cca2a72f6c869f5d475d67ceb84fd6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2cca2a72f6c869f5d475d67ceb84fd6_JaffaCakes118
Size

175KB
MD5

d2cca2a72f6c869f5d475d67ceb84fd6
SHA1

c7f4a92fda38868594ec47ec5b3aceff3b8cb493
SHA256

0f1f6f58bb089079b2d8253508c6c4704d3ed52370acf4151e987eebab001523
SHA512

efcd2b851555374436d053ed2649af4750d262e716230ef5baf6364756a75347afa3027cd79637c99cf642dc51f382dfde5344ade33afa7ed41c83a4aadd5f2d
SSDEEP

3072:Rpk9XfGvPFf9ySYQr8VKsBEvSDv/d27q1pAvuQzWzEBsad3Jl7X9huj5Tkc1k:jMXfc9fHY16OdQQAmQSsbd/7X9wjXm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2cca2a72f6c869f5d475d67ceb84fd6_JaffaCakes118

Files

d2cca2a72f6c869f5d475d67ceb84fd6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac4dc3393710b20933c17efc37399582

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandA
sndPlaySoundA

kernel32

CreateProcessW
lstrlenW
TerminateProcess
Sleep
GetAtomNameW
WideCharToMultiByte
RaiseException
IsDebuggerPresent
GetCurrentProcess
GetModuleHandleW
LocalAlloc
MultiByteToWideChar
GetACP
SetUnhandledExceptionFilter
EnumResourceNamesA
GetEnvironmentVariableW
UnhandledExceptionFilter
InterlockedCompareExchange
GetLocaleInfoW
GetCurrentProcessId
TzSpecificLocalTimeToSystemTime
QueryPerformanceCounter
InterlockedExchange
GetSystemTimeAsFileTime
GetCurrentThreadId
lstrlenA
GetTickCount
GetStartupInfoW
GetThreadLocale

shlwapi

PathAddBackslashA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

setupapi

InstallCatalog
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ