JaffaCakes118_6b4084266635769a8c67f303cd527f38 | Triage

Sharing

General

Target

JaffaCakes118_6b4084266635769a8c67f303cd527f38
Size

176KB
MD5

6b4084266635769a8c67f303cd527f38
SHA1

3f4d01312e7ea45fa3191a381a35384bde7880cb
SHA256

b9be127a6263b08a40bb2864e299d0e2dd8c0846280edb8c8b7c24056445de52
SHA512

5e7cdcfff1933e40138a93f7a2a602f70f143629c15845a12484ea2fc18e246d686517eb41e7f0c9fcfe07d92adde97b17170fd7e84575c08abc1cacfc009575
SSDEEP

3072:5csd4/PGUWbXPWhMryZmoGLkQ1fEA3affH7QQbqauvwZllL1W8zjy8wUk:WxOjXcyvoGNffYQQbqXclwkjDwUk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6b4084266635769a8c67f303cd527f38

Files

JaffaCakes118_6b4084266635769a8c67f303cd527f38
.exe windows:4 windows x86 arch:x86

9a1deb6062acc8136d7a795d40456d6f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandA
sndPlaySoundA

kernel32

GetEnvironmentStringsW
SetEndOfFile
IsBadWritePtr
AddAtomA
GetStdHandle
HeapSize
SetHandleCount
VirtualAlloc
InterlockedExchange
TlsGetValue
TlsAlloc
GetCurrentProcess
VirtualFree
FreeEnvironmentStringsW
TerminateProcess
GetFileType
EnumResourceNamesA
HeapCreate
FreeEnvironmentStringsA
GetStartupInfoA
TlsSetValue
SetLastError
TlsFree
GetACP
IsBadStringPtrW
GetSystemInfo
GetModuleFileNameA
GetEnvironmentStrings
GetVersionExA
GetLocaleInfoA
UnhandledExceptionFilter

shlwapi

PathAddBackslashA

setupapi

CM_Get_Depth_Ex
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ