2ce101a33fbbce2afcba43d7231be8c2_JaffaCakes118

General

Target

2ce101a33fbbce2afcba43d7231be8c2_JaffaCakes118
Size

144KB
MD5

2ce101a33fbbce2afcba43d7231be8c2
SHA1

4e79afa9dec1a8a9fffdf89f1e42411c2110b37c
SHA256

33a8dfb743b079ff3a1bd658f1208fcd096078da10cb82109e7e61023505803b
SHA512

37315cc1e32f3539bb050a0d936545d7da475612d583aa991dc106f32007a80e5558b210639f50dbeee4b96fc25c8158ef9972ab9c05d6285919d4c725603b59
SSDEEP

3072:uNvTgN+6ZvX5W6ruQXndYr54Z/OT8B40Vwn9mCtTHefZ+UNnyd:uT6Z4ITXndYr5O/FB40VemCpefPyd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ce101a33fbbce2afcba43d7231be8c2_JaffaCakes118

Files

2ce101a33fbbce2afcba43d7231be8c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b809192b7eb4c0f8ec2d7525f1381653

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_acmdln
memset
_vsnwprintf
_XcptFilter
__setusermatherr
_exit
__p__commode
__getmainargs
_amsg_exit
_ismbblead
_vsnprintf
__p__fmode
__set_app_type
?terminate@@YAXXZ
_cexit
_initterm
exit
_controlfp

kernel32

TlsFree
QueryPerformanceCounter
AddAtomW
GetComputerNameA
GetProcessHeap
TlsAlloc
HeapFree
GetFileType
GlobalMemoryStatus
GetStdHandle
RtlUnwind
RaiseException
DeviceIoControl
SetUnhandledExceptionFilter
GetTickCount
TlsGetValue
CloseHandle
TerminateProcess
HeapAlloc
EnumResourceNamesA
GetStartupInfoA
GetLocalTime
SetHandleCount
GetCurrentProcessId
GetVersion
RegisterWaitForSingleObject
SetLastError
GetCommandLineA
GetCurrentProcess
GetCurrentThread
GetSystemTimeAsFileTime
GetDiskFreeSpaceA
GetVersionExA
GetModuleFileNameA
GetModuleHandleW
TlsSetValue
InterlockedExchange

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b809192b7eb4c0f8ec2d7525f1381653

Headers

File Characteristics

Imports

msvcrt

kernel32

setupapi

Sections

.text Size: 91KB - Virtual size: 91KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 76KB - Virtual size: 76KB

.reloc Size: 1024B - Virtual size: 124KB

.text
Size: 91KB - Virtual size: 91KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 76KB - Virtual size: 76KB

.reloc
Size: 1024B - Virtual size: 124KB