26664cfc208d303185ae5b85f7d2eea0_JaffaCakes118

General

Target

26664cfc208d303185ae5b85f7d2eea0_JaffaCakes118
Size

173KB
MD5

26664cfc208d303185ae5b85f7d2eea0
SHA1

1aeaec0e39af809f47888dd73ecad887b49dd0a7
SHA256

dc652bf125f9d5e40ec7fd3d5624a7dd7397041f1417df53c0e57dd2d8bf05ae
SHA512

88dd3fd19022ce7e6bf728a7ca627b3915801675ebd267debf5f7e2436507ace48edc74431e6cd2bf0c907fc22af65651b4afdfec799d69ae55535ffcd13eeeb
SSDEEP

3072:MHAJtyj1KhWvJ1DXDXzB2inGKOZFtYtnoYSBF15HkDVZHeojzJzYQ3Z9U3k7s6G:MgJtuTvrDTV2init0oBBLVqAoG4Z9Um

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26664cfc208d303185ae5b85f7d2eea0_JaffaCakes118

Files

26664cfc208d303185ae5b85f7d2eea0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f67b89959db98b29e26c9406b134ffd4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetVersionExA
GetComputerNameA
AddAtomW
DeviceIoControl
TlsSetValue
RtlUnwind
GetModuleHandleW
GetStartupInfoA
GlobalMemoryStatus
QueryPerformanceCounter
GetTickCount
GetStdHandle
TlsAlloc
SetUnhandledExceptionFilter
GetCurrentThread
EnumResourceNamesA
HeapFree
GetCurrentProcess
GetCommandLineA
TlsFree
SetHandleCount
GetSystemTimeAsFileTime
TerminateProcess
CloseHandle
GetProcessHeap
GetModuleFileNameA
RegisterWaitForSingleObject
SetLastError
GetFileType
RaiseException
GetVersion
GetCurrentProcessId
TlsGetValue
HeapAlloc
GetDiskFreeSpaceA
InterlockedExchange

msvcrt

_amsg_exit
_ismbblead
_cexit
_exit
exit
__p__commode
__set_app_type
_initterm
_vsnwprintf
_acmdln
_XcptFilter
_vsnprintf
__setusermatherr
__p__fmode
memset
?terminate@@YAXXZ
__getmainargs
_controlfp

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f67b89959db98b29e26c9406b134ffd4

Headers

File Characteristics

Imports

kernel32

msvcrt

setupapi

Sections

.text Size: 95KB - Virtual size: 95KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 73KB - Virtual size: 73KB

.reloc Size: 1024B - Virtual size: 124KB

.text
Size: 95KB - Virtual size: 95KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 73KB - Virtual size: 73KB

.reloc
Size: 1024B - Virtual size: 124KB