1616c900245e13da57f123cc9221f6fb_JaffaCakes118

General

Target

1616c900245e13da57f123cc9221f6fb_JaffaCakes118
Size

205KB
MD5

1616c900245e13da57f123cc9221f6fb
SHA1

b518c5556e5c451fb2145d42f2d4dead96bee89f
SHA256

3daf7b7df3838d136fe7de968657ab8a7434b01c9a9b83236a016e4f813eb8a7
SHA512

050bd2966712acd117aa6b0851d27b9aac50964a03c2307c8bb6f03dd6c2bde05d321be4d871ac9c1eea527dec5d55b905a4ea9594ef5ccaa715088bfa5f53bb
SSDEEP

3072:IWp5jj6QuSYYWGYGQCnswUY8t/V7b2Y58byPpNaZ/YVUTF8RJrClD86FaSuiK+LF:5p5jj69TtGYw/8t/UYeIUYqFQB+aEKu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1616c900245e13da57f123cc9221f6fb_JaffaCakes118

Files

1616c900245e13da57f123cc9221f6fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c8447c33ccb571b74da6e4cd8369f8da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateFiberEx
InterlockedExchange
TlsAlloc
VirtualProtect
QueryPerformanceCounter
FoldStringW
GetProcAddress
GetSystemTimeAsFileTime
TerminateProcess
GetLocaleInfoW
GetCurrentProcessId
UnhandledExceptionFilter
FreeLibrary
WaitForSingleObject
RaiseException
TerminateProcess
EnumResourceNamesA
GetCurrentThreadId
ReleaseSemaphore
LoadLibraryA
GetCurrentProcess
TlsFree
DeleteFileW
Sleep
GetCommandLineW
GetLastError
FlushFileBuffers
GetModuleHandleW
SetUnhandledExceptionFilter
CreateSemaphoreW
LoadLibraryW
GetTickCount
CloseHandle
TlsGetValue
GetProcessHeap
GetStartupInfoA
InterlockedCompareExchange
LocalAlloc
IsDebuggerPresent
GetModuleFileNameW

user32

UpdateWindow
IsIconic
DestroyWindow
GetWindowPlacement
IsZoomed
RealGetWindowClass
GetParent
MapVirtualKeyW
SetWindowPos
LoadIconW
LoadImageW
GetSystemMetrics
SetWindowPlacement
IsWindow
ShowWindow
SetForegroundWindow

msimg32

AlphaBlend

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8447c33ccb571b74da6e4cd8369f8da

Headers

File Characteristics

Imports

kernel32

user32

msimg32

setupapi

Sections

.text Size: 185KB - Virtual size: 185KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 16KB - Virtual size: 15KB

.tls Size: 512B - Virtual size: 352KB

.text
Size: 185KB - Virtual size: 185KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 16KB - Virtual size: 15KB

.tls
Size: 512B - Virtual size: 352KB