386134d3d7f50a38add62b4fe732b2f0_JaffaCakes118

General

Target

386134d3d7f50a38add62b4fe732b2f0_JaffaCakes118
Size

239KB
MD5

386134d3d7f50a38add62b4fe732b2f0
SHA1

fae21afd951edf9430a1ecf184dca5d7e0285b84
SHA256

dc22e5c1ab17f1e05e35a2021afb1b5ffc1e1a5d000b556257685d98019f434a
SHA512

5174586e365cdfe2e9422b9b764c17ab847d99a7612a16ba80355bb716c71a835f7a40b7c390c31e129170ebb68c2c5fc41089f4e1310840ea5497093df6ea0f
SSDEEP

6144:+SOLqRQvjYK5fr5dHZG+kkO0y5S7+lp9oV6f+DG:LqvjJD5dZG+krcqlAVO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
386134d3d7f50a38add62b4fe732b2f0_JaffaCakes118

Files

386134d3d7f50a38add62b4fe732b2f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

308fb341ed026815f79396f8fd4a2035

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

msimg32

AlphaBlend

user32

GetWindowPlacement
ShowWindow
RealGetWindowClass
IsIconic
SetWindowPos
GetSystemMetrics
UpdateWindow
SetWindowPlacement
DestroyWindow
GetParent
LoadImageW
IsZoomed
LoadIconW
MapVirtualKeyW
IsWindow
SetForegroundWindow

kernel32

TlsAlloc
InterlockedExchange
IsDebuggerPresent
Sleep
GetSystemTimeAsFileTime
GetProcessHeap
CreateFiberEx
LoadLibraryW
InterlockedCompareExchange
DeleteFileW
GetCurrentProcessId
QueryPerformanceCounter
TerminateThread
GetProcAddress
WaitForSingleObject
GetLastError
RaiseException
TerminateProcess
EnumResourceNamesA
SetUnhandledExceptionFilter
FreeLibrary
CloseHandle
GetCurrentThreadId
ReleaseSemaphore
LocalAlloc
GetCurrentProcess
FlushFileBuffers
GetStartupInfoA
CreateSemaphoreW
GetTickCount
LoadLibraryA
FoldStringW
GetCommandLineW
TlsFree
UnhandledExceptionFilter
GetModuleHandleW
GetLocaleInfoW
VirtualProtect
TlsGetValue
GetModuleFileNameW

Sections

.text
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

308fb341ed026815f79396f8fd4a2035

Headers

File Characteristics

Imports

setupapi

msimg32

user32

kernel32

Sections

.text Size: 205KB - Virtual size: 205KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 30KB - Virtual size: 29KB

.tls Size: 512B - Virtual size: 60KB

.text
Size: 205KB - Virtual size: 205KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 30KB - Virtual size: 29KB

.tls
Size: 512B - Virtual size: 60KB