49a8e532fb30d777b2391890560982eb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

49a8e532fb30d777b2391890560982eb_JaffaCakes118
Size

3.0MB
MD5

49a8e532fb30d777b2391890560982eb
SHA1

7c66797a99bcc2a2ab5ef4e75531f4887f7fcd19
SHA256

521c58adb651870123c05397064da5b11de04bad9daf8437d379846a1248737a
SHA512

911de6f379912de0fdfe96cc6b66c60b31c1ee481165be4ae31e7861536bb9afbfe483c2d70b1d49c2b71a614ad28abb0213535175e1b4d177a7a2584f51edfb
SSDEEP

24576:aeauZwQfowOh4AVal3+2H4KnJ/312nMw1rYvfgBk:flHAQ3nJkMwxB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49a8e532fb30d777b2391890560982eb_JaffaCakes118

Files

49a8e532fb30d777b2391890560982eb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

43a6cadb5cf8d729156a01ba458e4f11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
GetProcessHeap
GetCurrentProcessId
GetCurrentThreadId
GetLastError
ReleaseSemaphore
WaitForMultipleObjects
SetFilePointer
CloseHandle
GetSystemTime
LocalFileTimeToFileTime
lstrcmpW
HeapFree
TlsFree
LoadLibraryW
GetModuleHandleW
EnumResourceLanguagesW
GetSystemDirectoryW
CreateDirectoryW
FindFirstFileW
QueryPerformanceCounter
LCMapStringW
GetConsoleWindow
HeapAlloc
VirtualAlloc
GlobalFree
GetProcAddress
lstrcmpiW

user32

MoveWindow
IsCharAlphaNumericW
LoadAcceleratorsW
RegisterClassExW

advapi32

RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegCloseKey

msvcrt

memset

setupapi

SetupDiEnumDriverInfoW
CM_Get_DevNode_Registry_Property_ExW
CM_Get_Device_ID_ExW
CM_Get_Device_IDW
SetupDiGetActualSectionToInstallW
CM_Get_Parent
SetupCloseInfFile
SetupFindFirstLineW
SetupFindNextLine
SetupGetFieldCount
SetupGetIntField
SetupInstallFromInfSectionW
SetupDiGetDeviceInfoListDetailW
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceInterfaceDetailW
SetupDiBuildDriverInfoList
SetupDiSetDeviceInstallParamsW
SetupDiGetDriverInfoDetailW
SetupDiGetClassDevsW
SetupDiCallClassInstaller
SetupDiOpenDevRegKey
SetupDiGetDeviceRegistryPropertyW
SetupDiSetDeviceRegistryPropertyW
SetupDiGetDeviceInstallParamsW
CM_Get_DevNode_Status

winspool.drv

EnumJobsW

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2.9MB - Virtual size: 67.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43a6cadb5cf8d729156a01ba458e4f11

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

setupapi

winspool.drv

Sections

.text Size: 62KB - Virtual size: 61KB

.data Size: 2.9MB - Virtual size: 67.7MB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 62KB - Virtual size: 61KB

.data
Size: 2.9MB - Virtual size: 67.7MB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 9KB - Virtual size: 8KB