17b8ffb549cf5c6bd747bde45e2deea6_JaffaCakes118

General

Target

17b8ffb549cf5c6bd747bde45e2deea6_JaffaCakes118
Size

177KB
MD5

17b8ffb549cf5c6bd747bde45e2deea6
SHA1

a73845d379759fab608f566d4bcf01baaed306d1
SHA256

c7dfc5fa448c487ed702edf9820f2a0b12f244cab65315a6e6b9a747a199e4f1
SHA512

e32dbce82c8a52751289e95b098c8007b409f77311ed5efd6f8a22bad54ed5579e16f429d847af57eb87266d7cf2bdc41fa9a03d534d06e542c23f86b2499256
SSDEEP

3072:U4wOc1YYV0pOZPre7We0Ng66Q3rMT3IEMO3QxnxlbFxTfS05JM2ZLL/MZwg:U4HEyUtG/a6QbMT3IsqTFxTfS05JJHkK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17b8ffb549cf5c6bd747bde45e2deea6_JaffaCakes118

Files

17b8ffb549cf5c6bd747bde45e2deea6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57ea9718a6e9a9db67be58c17125d069

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

FreeLibrary
HeapDestroy
LoadLibraryA
QueryPerformanceCounter
HeapSize
GetCurrentProcessId
HeapFree
VirtualAlloc
GetTickCount
GetSystemTimeAsFileTime
WriteFile
GetTimeFormatA
GetDateFormatA
HeapReAlloc
RaiseException
WriteConsoleA
LCMapStringA
UnhandledExceptionFilter
VirtualFree
GetStringTypeW
CompareStringW
IsDebuggerPresent
MultiByteToWideChar
InitializeCriticalSection
IsValidCodePage
ReadFile
SetEndOfFile
EnumSystemLanguageGroupsW
RtlUnwind
GetTimeZoneInformation
CompareStringA
LCMapStringW
ResetWriteWatch
EnterCriticalSection
SetFilePointer
GetOEMCP
HeapCreate
GetCPInfo
GetCurrentProcess
TerminateProcess
GetConsoleOutputCP
GetLocaleInfoA
SetEnvironmentVariableA
LeaveCriticalSection
SetUnhandledExceptionFilter
SetStdHandle
GetACP
GetStringTypeA

shell32

SHGetFolderPathW

oleacc

LresultFromObject
AccessibleObjectFromPoint

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57ea9718a6e9a9db67be58c17125d069

Headers

File Characteristics

Imports

newdev

kernel32

shell32

oleacc

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 2KB - Virtual size: 153KB

.data Size: 110KB - Virtual size: 109KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 2KB - Virtual size: 153KB

.data
Size: 110KB - Virtual size: 109KB

.rsrc
Size: 512B - Virtual size: 4KB