31474ac4226761ffbd8f9d489a27f70e_JaffaCakes118

General

Target

31474ac4226761ffbd8f9d489a27f70e_JaffaCakes118
Size

1.6MB
MD5

31474ac4226761ffbd8f9d489a27f70e
SHA1

ab51e807f2730a4fc16907506207ae8026bad9fe
SHA256

9ae417df6adbe83d6dd80fda910b1fa3049301a72e6eb89a1a5b79cac706e2c0
SHA512

b4c0afd371d057c3c6015f249096a9b074159d806537a212511ea1ea94021ec89ad50818d08c81085e1c1cd74eec0c2398f1ee6cdec9a2ebe79b8411980cd1cc
SSDEEP

49152:85bAAGs0V/U6qWBH2bhjClUggVbb+RTVwlVgTM:8vu/9E0lUggVb6RJ0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31474ac4226761ffbd8f9d489a27f70e_JaffaCakes118

Files

31474ac4226761ffbd8f9d489a27f70e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88d25ba6965a0842b8fc5a822d801092

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
GlobalAddAtomW
IsBadWritePtr
HeapDestroy
SetUnhandledExceptionFilter
WideCharToMultiByte
GetOEMCP
HeapReAlloc
VirtualFree
GetCPInfo
HeapCreate
FreeEnvironmentStringsW
IsBadCodePtr
GetStdHandle
SetConsoleCtrlHandler
EnumResourceNamesA
GetFileType
VirtualAlloc
GetStartupInfoA
SetFilePointer
WriteFile
GetDateFormatW
GetEnvironmentVariableA
FatalAppExitA
GetACP
SetHandleCount
GetEnvironmentStringsW
GetModuleFileNameA
IsBadReadPtr
UnhandledExceptionFilter
GetEnvironmentStrings
GetCurrentThread

gdi32

SetGraphicsMode
GetWorldTransform
SetROP2
GetGraphicsMode
FillPath
GetStockObject
MoveToEx
PolyBezierTo
GetClipBox
CloseFigure
LineTo
Rectangle
SetBrushOrgEx
BeginPath
IntersectClipRect
EndPath
SelectClipPath
PolylineTo
CreatePatternBrush
PolyDraw

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 825KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 854KB - Virtual size: 853KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88d25ba6965a0842b8fc5a822d801092

Headers

File Characteristics

Imports

kernel32

gdi32

setupapi

Sections

.text Size: 825KB - Virtual size: 3.0MB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 854KB - Virtual size: 853KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 825KB - Virtual size: 3.0MB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 854KB - Virtual size: 853KB

.rsrc
Size: 1024B - Virtual size: 4KB