JaffaCakes118_40d23ad31113c3dafceae457e06e588f | Triage

Sharing

General

Target

JaffaCakes118_40d23ad31113c3dafceae457e06e588f
Size

169KB
MD5

40d23ad31113c3dafceae457e06e588f
SHA1

e9b3923841644651ba1be244ebc48d69b8919705
SHA256

26b320bcb4429f4d44ce8e33b4edbcb5d101a85e1d29e7bac6474d4f87efddb7
SHA512

4cc2e60857a71da6e78f02e0a51e9834dfc3a55768b2dd4d1f6134b8496111d21d9a0d81e94c4a1efccd9896e78d1531bdc53338eedc7bd5e699ec5f2d27234c
SSDEEP

3072:e+DbiQtoothjeaulaGO0+hoNXsJiCnwWkUQ1k4TG5bxowNH6/LS89Av/gknJ:9OnK1eaurowXWi6Vkt1k4qx21/L59e46

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_40d23ad31113c3dafceae457e06e588f

Files

JaffaCakes118_40d23ad31113c3dafceae457e06e588f
.exe windows:4 windows x86 arch:x86

e1a0b34043dea5af5c86a371a8419426

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDBCSLeadByte
GetFullPathNameA
GetFullPathNameW
GetAtomNameW
GetTickCount
Sleep
DeleteCriticalSection
LoadLibraryW
LeaveCriticalSection
OutputDebugStringA
EnumResourceNamesA
InitializeCriticalSection
GetTimeZoneInformation
GetTempPathA
ResetEvent
EnterCriticalSection
lstrcpyA
QueryMemoryResourceNotification
CreateThread
LoadLibraryA
WaitForSingleObject
SetEvent
GetProcAddress
FileTimeToSystemTime
FreeLibrary

msimg32

AlphaBlend
TransparentBlt

shlwapi

PathAddBackslashA

winmm

mciSendCommandA
sndPlaySoundA

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA

setupapi

InstallCatalog
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ