2a1da182f188918a08b90927f9b3e4b3_JaffaCakes118

General

Target

2a1da182f188918a08b90927f9b3e4b3_JaffaCakes118
Size

188KB
MD5

2a1da182f188918a08b90927f9b3e4b3
SHA1

338f5a53fac4a0ee718f9a720023bb2c437fa161
SHA256

6db0cca101fa77192b21a02389334c6caf2a686dc9c0ec5153de6ed8b108e787
SHA512

64cee1219a7468edf9a109b99f4aadbca3cb418f6f16cf5794d6d990e11fb5e8fe68bf2f9b280a28d91f7b6e6e6a73803aae2e2510a04ecf8484e188a5091e86
SSDEEP

3072:IUfYt7XWfI16LzVDScfu2xZNbu4IgGrfup1YTsgKrWPy/rYKNr8QAA76Oxzsy89V:Ilx8zVpJNbObHsgKrZT7WY7vzsj1nbi0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a1da182f188918a08b90927f9b3e4b3_JaffaCakes118

Files

2a1da182f188918a08b90927f9b3e4b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e386709ee7018a06e6774515abe30db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_acmdln
_amsg_exit
_XcptFilter
_vsnprintf
__setusermatherr
_vsnwprintf
__getmainargs
_exit
exit
?terminate@@YAXXZ
memset
__p__commode
__set_app_type
_ismbblead
_cexit
_initterm
__p__fmode
_controlfp

kernel32

AddAtomW
GetFileType
GetCurrentProcess
CloseHandle
RtlUnwind
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetModuleHandleW
GetComputerNameA
TlsFree
GetStdHandle
TlsSetValue
GetTickCount
GetVersionExA
QueryPerformanceCounter
GetModuleFileNameA
GlobalMemoryStatus
GetCommandLineA
TlsAlloc
TlsGetValue
SetHandleCount
GetCurrentThread
EnumResourceNamesA
RegisterWaitForSingleObject
GetStartupInfoA
GetCurrentProcessId
RaiseException
HeapAlloc
TerminateProcess
GetLocalTime
HeapFree
GetVersion
GetProcessHeap
DeviceIoControl
SetLastError
GetDiskFreeSpaceA
InterlockedExchange

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e386709ee7018a06e6774515abe30db

Headers

File Characteristics

Imports

msvcrt

kernel32

setupapi

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 83KB - Virtual size: 83KB

.reloc Size: 1024B - Virtual size: 132KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 83KB - Virtual size: 83KB

.reloc
Size: 1024B - Virtual size: 132KB