JaffaCakes118_22c9a3b3e6f8e0ea86ab8857b55f7382 | Triage

Sharing

General

Target

JaffaCakes118_22c9a3b3e6f8e0ea86ab8857b55f7382
Size

176KB
MD5

22c9a3b3e6f8e0ea86ab8857b55f7382
SHA1

1f33b0fbc825ab0a8d24e5de3d0c1dc9f88e2a98
SHA256

9dfc1bf1d3663eac731a17fe8d156a26ba17e2aec1f52511caa0ff1d4fcea9d2
SHA512

60f95592800c943a0ba7adce12f46fd88cd9eaa3f20e9fc04b7b3a69cb0eb72adfc961f5886b9bb6bc2e0d246ce586583ad960ad99ad4d254b0d2289a3753306
SSDEEP

3072:MyQ0ye7pnGvSkMzzC2WKHPN1mPR82UZSOvCb2oc/VHOgW594b9Qf:BQ0yipGvMnChESy2UZSOKIVpWTCGf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_22c9a3b3e6f8e0ea86ab8857b55f7382

Files

JaffaCakes118_22c9a3b3e6f8e0ea86ab8857b55f7382
.exe windows:4 windows x86 arch:x86

58b61d17f00941fc71017ff4c1cd7f08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandA
sndPlaySoundA

shlwapi

PathAddBackslashA

msimg32

AlphaBlend
TransparentBlt

kernel32

CreateThread
WaitForSingleObject
GlobalAddAtomW
Sleep
LeaveCriticalSection
lstrcpyA
ResetEvent
GetFullPathNameW
GetTimeZoneInformation
IsDBCSLeadByte
DeleteCriticalSection
LoadLibraryW
EnumResourceNamesA
OutputDebugStringA
GetTempPathA
InitializeCriticalSection
GetFullPathNameA
VerLanguageNameA
GetTickCount
SetEvent
LoadLibraryA
EnterCriticalSection
FileTimeToSystemTime
GetProcAddress
FreeLibrary

setupapi

InstallCatalog
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ