14b341ff0031785bea2a168df0539bc0_JaffaCakes118 | Triage

Sharing

General

Target

14b341ff0031785bea2a168df0539bc0_JaffaCakes118
Size

186KB
MD5

14b341ff0031785bea2a168df0539bc0
SHA1

bfdbcad979f6f42e9ff81658e1c8a48136909f99
SHA256

48f722e75d0c1a17b7fc060402e7887674ccab700eb86cc1c2efcef14686b87e
SHA512

71447284fb9b8fe7cad345aaf3749d5f33bb2328e97a29f70279b1099d3c5c4ad34c58a5aa5c166eb4f8b132f0618a0afaff93bf7b258cd8cf2e10048465262e
SSDEEP

3072:jasDnhH1tv7HMA5qhtlSsE63llD/mbcbA90Rh19YsRrKATx8Bn5WQDbXE8iO:fNDsas93TD/mYb7D195RrpI5WQHXE8iO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14b341ff0031785bea2a168df0539bc0_JaffaCakes118

Files

14b341ff0031785bea2a168df0539bc0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6bd59f615279cdf89d2e634f484f5c02

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameW
SetEvent
Sleep
GetTempPathA
DeleteCriticalSection
IsDBCSLeadByte
CreateThread
lstrcpyA
GetFullPathNameW
FileTimeToSystemTime
ResetEvent
EnumResourceNamesA
LoadLibraryW
GetFullPathNameA
GetProcAddress
WaitForSingleObject
LoadLibraryA
QueryMemoryResourceNotification
GetTimeZoneInformation
LeaveCriticalSection
InitializeCriticalSection
GetTickCount
EnterCriticalSection
OutputDebugStringA
FreeLibrary

winmm

mciSendCommandA
sndPlaySoundA

shlwapi

PathAddBackslashA

setupapi

InstallCatalog
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ