Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_7911b3c2b5597bade8af33b64cbead69.exe
Resource
win7-20240903-en
General
Target: JaffaCakes118_7911b3c2b5597bade8af33b64cbead69
Size: 186KB
MD5: 7911b3c2b5597bade8af33b64cbead69
SHA1: ba3b3b48152c7387481d637d76535b1490f97185
SHA256: 4ce4836b18ee9955d77c1ffb5bf95b744a517888e9cdca9c8333611d68d51ce1
SHA512: 391e0216a05ab95fad3adf936accc8770a2238bfa5363f7f178ec0a55063aa93e5eb2460f5cab2399d8c11e98cd07d3397c79d5912846f2341052ec37468501a
SSDEEP: 3072:Jz+yYdb/Rs7U5MKTK3jNpp83Jh31+sJcmPmGXxE6E2pfbS1oB0VZhW:pWts7/KTkjNpwJp1vmGXxg2hwoB0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_7911b3c2b5597bade8af33b64cbead69
Files
JaffaCakes118_7911b3c2b5597bade8af33b64cbead69.exe windows:4 windows x86 arch:x86
74f266a852354412c3c5bc0e421c1c15
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalAddAtomW
EnterCriticalSection
lstrcpyA
GetTickCount
LoadLibraryA
GetTimeZoneInformation
Sleep
LeaveCriticalSection
IsDBCSLeadByte
CreateThread
EnumResourceNamesA
ResetEvent
GetProcAddress
GetFullPathNameW
GetTempPathA
InitializeCriticalSection
VerLanguageNameA
DeleteCriticalSection
WaitForSingleObject
SetEvent
OutputDebugStringA
GetFullPathNameA
FileTimeToSystemTime
LoadLibraryW
FreeLibrary
setupapi
InstallCatalog
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status
shlwapi
PathAddBackslashA
msimg32
AlphaBlend
TransparentBlt
winmm
mciSendCommandA
sndPlaySoundA
Sections
.text Size: 96KB - Virtual size: 95KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 86KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ