271df3d197f8b5905df1d98a0e2c3af7_JaffaCakes118

General

Target

271df3d197f8b5905df1d98a0e2c3af7_JaffaCakes118
Size

173KB
MD5

271df3d197f8b5905df1d98a0e2c3af7
SHA1

23507505f91e9f6c4101cb2354216b8eec3980fe
SHA256

83ac0724ab0f0d864f508fdc0f32ba81017d7721576673799f32749ac7770947
SHA512

fe17939e310d2eb63eaae42bd406e8563d90ace426dc013fb88ea0873c237b9c7421411266019d7424deeab1a3ea414fb441f24c79b377a24657cd093f61f4a7
SSDEEP

3072:drao2OV52JWZ91zOmXBqUiJuJAjXapF2AX+uwfQV5FWkxUoMCgh7i2vwrAXnPtL9:drZKsromXBQuKjXa5Ouwf2BRe7vYmFLQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
271df3d197f8b5905df1d98a0e2c3af7_JaffaCakes118

Files

271df3d197f8b5905df1d98a0e2c3af7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

be901f4170cd27d6fa28bd4f26d07932

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetTreatAsClass
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc

msimg32

AlphaBlend
TransparentBlt

gdi32

GetTextExtentPointA
GetTextMetricsA
GetDeviceCaps
DeleteObject
SelectObject
CreateFontIndirectA

shell32

SHGetFolderPathW

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

SetHandleCount
GetCPInfoExW
GetOEMCP
lstrlenW
GetThreadLocale
DeleteCriticalSection
RaiseException
TlsSetValue
GetLocaleInfoA
EnterCriticalSection
WriteFile
WideCharToMultiByte
GetACP
GetFileType
GetStdHandle
LeaveCriticalSection
EnumResourceTypesA
GetStartupInfoA
UnhandledExceptionFilter
HeapSize
FreeEnvironmentStringsW
FreeEnvironmentStringsA
InterlockedExchange
MultiByteToWideChar
GetEnvironmentStringsW
GetTickCount
GetVersionExA
GetLogicalDriveStringsA
GetCPInfo
GetLastError
GetEnvironmentStrings
TlsGetValue
QueryPerformanceCounter
InterlockedIncrement
InitializeCriticalSection
GetCurrentProcessId

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be901f4170cd27d6fa28bd4f26d07932

Headers

File Characteristics

Imports

ole32

msimg32

gdi32

shell32

newdev

kernel32

Sections

.text Size: 101KB - Virtual size: 101KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 68KB - Virtual size: 67KB

.reloc Size: 1024B - Virtual size: 252KB

.text
Size: 101KB - Virtual size: 101KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 68KB - Virtual size: 67KB

.reloc
Size: 1024B - Virtual size: 252KB