JaffaCakes118_6e7cc9d832b8e4dda93784898e96191d | Triage

Sharing

General

Target

JaffaCakes118_6e7cc9d832b8e4dda93784898e96191d
Size

172KB
MD5

6e7cc9d832b8e4dda93784898e96191d
SHA1

a8b3bd573fb29e13bfeb6988a322a520591874d0
SHA256

dd5a4fdea9fa94e6535803867990352151b51f3d9716be66be8282382e4bb3c9
SHA512

4ef75f30770e3c4078b61ffbce0f4032654352155cc9f96a20f5d587a004a17899628bc9ee30a649b0dd1753025b7a72ff378aa1515cc9d5c92a7080f731b0ac
SSDEEP

3072:VOVje/W2l0W1JZMwspmwwvjRaoq+0z0iIdCMCuqm0cAWoXAaGTVZQDghQqsZitRx:VOVjeO21Jitmxq50/djFpoQaGLtsZitb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6e7cc9d832b8e4dda93784898e96191d

Files

JaffaCakes118_6e7cc9d832b8e4dda93784898e96191d
.exe windows:4 windows x86 arch:x86

23182f35d90180310dbab85110e8e590

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandA
sndPlaySoundA

setupapi

CM_Get_Depth_Ex
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

shlwapi

PathAddBackslashA

kernel32

TlsSetValue
GetLocaleInfoA
VirtualAlloc
GetModuleFileNameA
AddAtomA
SetLastError
GetStartupInfoA
GetFileType
TerminateProcess
GetVersionExA
HeapCreate
GetACP
TlsGetValue
SetEndOfFile
GetCurrentProcess
EnumResourceNamesA
TlsFree
InterlockedExchange
GetSystemInfo
FreeEnvironmentStringsW
GetStdHandle
IsBadStringPtrW
GetEnvironmentStringsW
TlsAlloc
SetHandleCount
IsBadWritePtr
VirtualFree
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
UnhandledExceptionFilter

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ