e005f34ce7c59435ca5373bafdd6dd95_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e005f34ce7c59435ca5373bafdd6dd95_JaffaCakes118
Size

187KB
MD5

e005f34ce7c59435ca5373bafdd6dd95
SHA1

c56ba473dcfb1990dbac1349e3e6c4765442c223
SHA256

8e6cf5403953c0ec62da67cadad033de750ed27f5722075dd738b4d9d4824078
SHA512

11f8b7036ec75f9b963f19edd5c0e0a062821f636992e68f194c4c64d0fd27277981d6c09d470e37ca2590345862ce1ebe2a68f9999645313be7a7b054d645fc
SSDEEP

3072:E4DP9aAMRbnYouzo1Uk2EGQlBoe5Rz8PTOoEo4zvDsvyo//MwsSmJcwk6y:xnobnQk2FQlBxb2TOBwvyo/UvJ6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e005f34ce7c59435ca5373bafdd6dd95_JaffaCakes118

Files

e005f34ce7c59435ca5373bafdd6dd95_JaffaCakes118
.exe windows:4 windows x86 arch:x86

07f23c0c1f759bc74cd7d4d5010e2529

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA

winmm

mciSendCommandA
sndPlaySoundA

kernel32

GetTickCount
GetAtomNameW
OutputDebugStringA
GetTimeZoneInformation
DeleteCriticalSection
GetFullPathNameA
GetProcAddress
FileTimeToSystemTime
WaitForSingleObject
InitializeCriticalSection
EnumResourceNamesA
ResetEvent
EnterCriticalSection
LoadLibraryA
lstrcpyA
LeaveCriticalSection
QueryMemoryResourceNotification
CreateThread
SetEvent
GetTempPathA
IsDBCSLeadByte
LoadLibraryW
GetFullPathNameW
Sleep
FreeLibrary

setupapi

InstallCatalog
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

shlwapi

PathAddBackslashA

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ