33c2ace090b1c226c5a135e036e9669c_JaffaCakes118

General

Target

33c2ace090b1c226c5a135e036e9669c_JaffaCakes118
Size

205KB
MD5

33c2ace090b1c226c5a135e036e9669c
SHA1

07e66e9216e4576baa2ceac542147e7d1f22bdd1
SHA256

a39245e69bd7eca6abc1528656b8978f7c754bb23aaa71a08ccaf0f52d5003cc
SHA512

29eb08e4312c9a941c1a34d76e4035859038e35178479110beecbf7d5e260fec32e8326f6d94d61433451cf51e77112e8af0b552253ff0204d54add203f9f07b
SSDEEP

3072:e7PZs+YvwU4aGHkV65X7g/n5iZVjAa4R0gPerAma9wd+ema8zOKB:e7P6+YvwU69Y6jMug2rI9wgciOK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33c2ace090b1c226c5a135e036e9669c_JaffaCakes118

Files

33c2ace090b1c226c5a135e036e9669c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

abd3204bd885688af1d7f14284ed8e22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

FreeLibrary
GetCurrentProcessId
InterlockedCompareExchange
InterlockedExchange
CreateFiberEx
TlsGetValue
GetModuleHandleW
GetCurrentProcess
FoldStringW
GetStartupInfoA
GetProcessHeap
UnhandledExceptionFilter
TerminateThread
CloseHandle
GetCurrentThreadId
IsDebuggerPresent
QueryPerformanceCounter
CreateSemaphoreW
GetLocaleInfoW
ReleaseSemaphore
EnumResourceNamesA
LoadLibraryA
TlsFree
TlsAlloc
SetUnhandledExceptionFilter
LocalAlloc
DeleteFileW
WaitForSingleObject
GetCommandLineW
FlushFileBuffers
GetLastError
GetProcAddress
LoadLibraryW
TerminateProcess
GetSystemTimeAsFileTime
GetTickCount
RaiseException
VirtualProtect
Sleep
GetModuleFileNameW

msimg32

AlphaBlend

user32

IsWindow
GetWindowPlacement
DestroyWindow
GetParent
IsIconic
GetSystemMetrics
SetWindowPlacement
LoadIconW
UpdateWindow
ShowWindow
LoadImageW
IsZoomed
RealGetWindowClass
MapVirtualKeyW
SetWindowPos
SetForegroundWindow

Sections

.text
Size: 186KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abd3204bd885688af1d7f14284ed8e22

Headers

File Characteristics

Imports

setupapi

kernel32

msimg32

user32

Sections

.text Size: 186KB - Virtual size: 185KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 15KB - Virtual size: 15KB

.tls Size: 512B - Virtual size: 352KB

.text
Size: 186KB - Virtual size: 185KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 15KB - Virtual size: 15KB

.tls
Size: 512B - Virtual size: 352KB