101ce686e979e001072dc0767dd0abdb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

101ce686e979e001072dc0767dd0abdb_JaffaCakes118
Size

172KB
MD5

101ce686e979e001072dc0767dd0abdb
SHA1

afd4b3b66c27cc31f11986bdc6d89f9478c3da2a
SHA256

b1bfeadddb2fd335848defc85b797703287159dfa169e5d0e711696307ac982e
SHA512

8d12742e229a22ca4ea9b9c72b22b618f4b2d9d0d93fdece9b71c458ffa13c748e416e47cbb7b26d4541a5121dc31cda899def01784d50a68ec1000ee70a6eda
SSDEEP

3072:x2CwM6OMBfdcdxQClDoVtdo1lki86KM7AvTclYMFNAKKJ636zMh2gJ0E67s9Pq:8oKOQODf1ei86KM7mTtaAKKU36dO0E67

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
101ce686e979e001072dc0767dd0abdb_JaffaCakes118

Files

101ce686e979e001072dc0767dd0abdb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09f672b9db93da0e96fdc96c3b6d9de8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

winmm

mciSendCommandA
sndPlaySoundA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA

shlwapi

PathAddBackslashA

kernel32

LoadLibraryW
GetAtomNameW
GetFullPathNameA
GetProcAddress
lstrcpyA
CreateThread
GetTimeZoneInformation
LeaveCriticalSection
EnterCriticalSection
GetFullPathNameW
ResetEvent
EnumResourceNamesA
Sleep
IsDBCSLeadByte
QueryMemoryResourceNotification
OutputDebugStringA
DeleteCriticalSection
FileTimeToSystemTime
GetTempPathA
SetEvent
LoadLibraryA
WaitForSingleObject
InitializeCriticalSection
GetTickCount
FreeLibrary

setupapi

InstallCatalog
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ