db2eef786a83b10fda22e99eb5ebc4c4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db2eef786a83b10fda22e99eb5ebc4c4_JaffaCakes118
Size

177KB
MD5

db2eef786a83b10fda22e99eb5ebc4c4
SHA1

fb2c846b479a7ca6cc153c5a88c08af5c630dd75
SHA256

d5b3750890db5ee141de4627d42678f7eaff4a3ae007d8cb20443eed0fe046e1
SHA512

1a8947d82b9eae090f912af08670beffdbcee03e32b462b0b563881dccd5cebf3e581959dc285a9d4fe105eccee50fdfd5080b06d2bcb28fe0284ac13d975d13
SSDEEP

3072:Gl2VZnoqpHoxNAQUbxMYpVBc4pjpbg1NWEuqX4xgSmS8NRVu7nHoDMW77H:GlMnLdEA/WYvBcujpb2zuqIxgSyVu7ne

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db2eef786a83b10fda22e99eb5ebc4c4_JaffaCakes118

Files

db2eef786a83b10fda22e99eb5ebc4c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea21bb6aa31ab0fbe4477cd767566d61

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandA
sndPlaySoundA

kernel32

SetLastError
IsBadWritePtr
GetStartupInfoA
AddAtomA
GetCurrentProcess
InterlockedExchange
VirtualAlloc
GetSystemInfo
TlsFree
TlsGetValue
GetEnvironmentStrings
GetACP
EnumResourceNamesA
TerminateProcess
SetEndOfFile
TlsSetValue
GetEnvironmentStringsW
VirtualFree
GetModuleFileNameA
SetHandleCount
GetStdHandle
TlsAlloc
GetVersionExA
IsBadStringPtrW
HeapSize
FreeEnvironmentStringsW
GetFileType
HeapCreate
FreeEnvironmentStringsA
GetLocaleInfoA
UnhandledExceptionFilter

shlwapi

PathAddBackslashA

setupapi

CM_Get_Depth_Ex
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ