JaffaCakes118_da2648cc4a24a89b3c60ce081cd49bf9 | Triage

Sharing

General

Target

JaffaCakes118_da2648cc4a24a89b3c60ce081cd49bf9
Size

169KB
MD5

da2648cc4a24a89b3c60ce081cd49bf9
SHA1

b791027bf511611435f3834f9f2647cca12cdf3c
SHA256

110ac32455bbb0ba2cf58decbd69e5e7df5d9cf3e33094826164b16f4b9a80b3
SHA512

b6db1cdad199644a3300bd5784aabff5b9cc593b8ae4630f25eee381940070f0cd9b50329dcbb6ec38ff561f90b71f6edfa7aec407526b4ad4cc9630d5480247
SSDEEP

3072:hmUamulpsZsMfhuR4Lg0n7jp1ZbGnfJLGL0JarzXFT/2z1tB:hpaJbsZb5uR4LgG7jfZbMhLGL0SzXgz9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_da2648cc4a24a89b3c60ce081cd49bf9

Files

JaffaCakes118_da2648cc4a24a89b3c60ce081cd49bf9
.exe windows:4 windows x86 arch:x86

38e95b44ff92a7f64ec4a2aa81eaee47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashA

winmm

mciSendCommandA
sndPlaySoundA

kernel32

CreateThread
IsDBCSLeadByte
GlobalAddAtomW
ResetEvent
WaitForSingleObject
FileTimeToSystemTime
GetTimeZoneInformation
GetProcAddress
EnterCriticalSection
GetFullPathNameW
InitializeCriticalSection
EnumResourceNamesA
SetEvent
DeleteCriticalSection
GetTempPathA
LeaveCriticalSection
LoadLibraryA
VerLanguageNameA
Sleep
GetTickCount
lstrcpyA
GetFullPathNameA
OutputDebugStringA
LoadLibraryW
FreeLibrary

msimg32

AlphaBlend
TransparentBlt

setupapi

InstallCatalog
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ