e47cb440b43181cb694bc1ebb22d922d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e47cb440b43181cb694bc1ebb22d922d_JaffaCakes118
Size

176KB
MD5

e47cb440b43181cb694bc1ebb22d922d
SHA1

1ca90c03c9060b73e74f3469d859db89819eec7c
SHA256

5c84ea53ca85a16d74601cdee6d7b3943f9d10ea8262a9078f7bd0ddc38d3540
SHA512

877d21f34de7c82210df6cde2b08cce7e4547ae94baffe7f75959cc033475393743d82b516671d8d589faff58af376de82347db3270b3bfb5979d06efae77424
SSDEEP

3072:KxCrVBXL/RVGnMVzIUA0YNue4TrKAfH8jzzKGT0kcIsnWiP4MUm2:1pQszJCNue4HZfH8jPrbuWiP4G2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e47cb440b43181cb694bc1ebb22d922d_JaffaCakes118

Files

e47cb440b43181cb694bc1ebb22d922d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45d9d8ab320aa6aa07c0b7431c3251ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashA

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

GetAtomNameW
QueryPerformanceCounter
UnhandledExceptionFilter
CreateProcessW
InterlockedCompareExchange
GetTickCount
WideCharToMultiByte
MultiByteToWideChar
LocalAlloc
GetCurrentProcessId
lstrlenA
lstrlenW
InterlockedExchange
GetEnvironmentVariableW
GetModuleHandleW
GetSystemTimeAsFileTime
EnumResourceNamesA
GetLocaleInfoW
QueryMemoryResourceNotification
RaiseException
IsDebuggerPresent
GetCurrentProcess
GetCurrentThreadId
SetUnhandledExceptionFilter
GetACP
TerminateProcess
GetStartupInfoW
Sleep
GetThreadLocale

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

winmm

mciSendCommandA
sndPlaySoundA

setupapi

InstallCatalog
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ