JaffaCakes118_9c150193c7161a51cce3813454cdc281 | Triage

Sharing

General

Target

JaffaCakes118_9c150193c7161a51cce3813454cdc281
Size

171KB
MD5

9c150193c7161a51cce3813454cdc281
SHA1

a20a13d1bf0bea85adabf8f7b9d90d4e253b2e15
SHA256

61417b19c8c86f38cf0eaf1ef7a43c4081aacf748cad8915b0d062171a491551
SHA512

d09fe8c7b0458caac97e19033cfb0236de9a2d424afe56f89e27960e5db3fdb102c0c6549624906786c1fced3a12a27d3eb4f8b0fdfeff503ef9317f7bbb9b3f
SSDEEP

3072:tIGV6wDVA7YRAljukwa/+pI0S2otjv4NlVKWLl1x/9dFaO2YXXDgh9WRoU+p:tn5S7cAtukkHStvUlVKW3bD2QXDi9w7y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_9c150193c7161a51cce3813454cdc281

Files

JaffaCakes118_9c150193c7161a51cce3813454cdc281
.exe windows:4 windows x86 arch:x86

a76fcd1ab65f245233421f7e4e5993ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

kernel32

LeaveCriticalSection
DeleteCriticalSection
lstrcpyA
GetAtomNameW
OutputDebugStringA
EnterCriticalSection
LoadLibraryA
GetFullPathNameW
FileTimeToSystemTime
GetProcAddress
CreateThread
SetEvent
EnumResourceNamesA
GetFullPathNameA
GetTimeZoneInformation
WaitForSingleObject
LoadLibraryW
QueryMemoryResourceNotification
GetTickCount
GetTempPathA
InitializeCriticalSection
IsDBCSLeadByte
ResetEvent
Sleep
FreeLibrary

setupapi

InstallCatalog
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

shlwapi

PathAddBackslashA

winmm

mciSendCommandA
sndPlaySoundA

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ