1c4b82a7feb94c434fb077751bf6d063_JaffaCakes118

General

Target

1c4b82a7feb94c434fb077751bf6d063_JaffaCakes118
Size

265KB
MD5

1c4b82a7feb94c434fb077751bf6d063
SHA1

c165ddd421f60f4f7d89496122b5c9537ae320c0
SHA256

09f661b8f3e90e3a2630e5c7218c3efb0d053c09734f98a5e133e8afbcb379b7
SHA512

6dd3acdbbfe43f533e95fa8f7533aa3c3edbc3a327d0ec152f245c0f86a0759681642676406332bf16b097899b2abdb4752bffd276a03e3633ad1f020f25acef
SSDEEP

3072:wrndksAfA51jrEHyyrGpPBYUy2yDOjToIDtGr9kGIAtMKz4wL5fxSMc3hryTe75:wFAs1j4SoGMmcVIDQiG5qRryG7Ox

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c4b82a7feb94c434fb077751bf6d063_JaffaCakes118

Files

1c4b82a7feb94c434fb077751bf6d063_JaffaCakes118
.exe windows:4 windows x86 arch:x86

142a637bc5add8fa7ef835abad05b409

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

CompareStringA
HeapReAlloc
WriteFile
SetEndOfFile
LCMapStringA
IsDebuggerPresent
GetTickCount
RaiseException
HeapFree
GetTimeFormatA
MultiByteToWideChar
GetConsoleOutputCP
SetEnvironmentVariableA
WriteConsoleA
VirtualAlloc
SetUnhandledExceptionFilter
ReadFile
RtlUnwind
VirtualFree
CompareStringW
GetCPInfo
LeaveCriticalSection
IsValidCodePage
SetFilePointer
SetStdHandle
GetLocaleInfoA
EnumSystemLanguageGroupsW
HeapDestroy
FreeLibrary
GetCurrentProcessId
GetTimeZoneInformation
GetStringTypeW
LCMapStringW
ResetWriteWatch
LoadLibraryA
QueryPerformanceCounter
HeapCreate
TerminateProcess
InitializeCriticalSection
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
EnterCriticalSection
GetSystemTimeAsFileTime
GetACP
GetDateFormatA
GetOEMCP
GetStringTypeA

oleacc

LresultFromObject
AccessibleObjectFromPoint

shell32

SHGetFolderPathW

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

142a637bc5add8fa7ef835abad05b409

Headers

File Characteristics

Imports

newdev

kernel32

oleacc

shell32

Sections

.text Size: 64KB - Virtual size: 64KB

.rdata Size: 2KB - Virtual size: 149KB

.data Size: 197KB - Virtual size: 196KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 64KB

.rdata
Size: 2KB - Virtual size: 149KB

.data
Size: 197KB - Virtual size: 196KB

.rsrc
Size: 512B - Virtual size: 4KB