JaffaCakes118_40637b7df1b4551e5297192c17df47e5 | Triage

Sharing

General

Target

JaffaCakes118_40637b7df1b4551e5297192c17df47e5
Size

172KB
MD5

40637b7df1b4551e5297192c17df47e5
SHA1

4c5e50143d566ac5e88b044b28a1a42dd7eb8df5
SHA256

9cd3e63886b7d682c6c3a85813c263fca2d0d47dbd94c64faef588bf649b679a
SHA512

ab9ef664573c03a64e80d28759aa1a008a098da93e728eb8b1fd65a8018ce6f5933041629a683540ff83f818faebbb65aa2f6bf805909959f2f2658ce68b624b
SSDEEP

3072:OxImS8Dv2HADLdKDmyp2SIep20o9Xq/6GJsTNu+Rp4NIghAmdbh:1YvaADLdwmG2SIep2J6/6GaTNDMhV9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_40637b7df1b4551e5297192c17df47e5

Files

JaffaCakes118_40637b7df1b4551e5297192c17df47e5
.exe windows:4 windows x86 arch:x86

87f4e8abe2a2917930f677fe7ad6d105

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashA

winmm

mciSendCommandA
sndPlaySoundA

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

GetSystemInfo
GetStartupInfoA
AddAtomA
VirtualAlloc
TlsFree
GetStdHandle
FreeEnvironmentStringsA
GetLocaleInfoA
GetEnvironmentStringsW
GetACP
HeapSize
TlsSetValue
VirtualFree
SetLastError
GetFileType
HeapCreate
EnumResourceNamesA
TerminateProcess
GetEnvironmentStrings
TlsGetValue
TlsAlloc
IsBadStringPtrW
IsBadWritePtr
SetEndOfFile
GetModuleFileNameA
InterlockedExchange
FreeEnvironmentStringsW
GetCurrentProcess
GetVersionExA
SetHandleCount
UnhandledExceptionFilter

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ