3dd01b286b436f15e71fd01f2bd2a663_JaffaCakes118

General

Target

3dd01b286b436f15e71fd01f2bd2a663_JaffaCakes118
Size

208KB
MD5

3dd01b286b436f15e71fd01f2bd2a663
SHA1

954ba405185b3dc3c2bef415e05069cb227b0d1b
SHA256

8da993f1d4376e49b0caa7aee8201be7b9b1904de468c589779077e4987d13f8
SHA512

d0a37f5b59a60ac1b4b5c6fd75d573dac43ffde85574e28f25af2109daff6bd312f6c233a2071e92c122facdb2d626aefca51e66248cbb64c7a674bcfca84152
SSDEEP

6144:2BZb2xlW9vuDWbB0uvZHn8++qoK/OgKXiYQi:EF2zWJjbBJRH8LqfOgK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dd01b286b436f15e71fd01f2bd2a663_JaffaCakes118

Files

3dd01b286b436f15e71fd01f2bd2a663_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3df4941a620dac9acaed035a61788d0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

msimg32

AlphaBlend

kernel32

GetModuleHandleW
GetSystemTimeAsFileTime
FreeLibrary
CreateFiberEx
GetProcessHeap
VirtualProtect
LoadLibraryA
TlsFree
GetCurrentProcess
TerminateProcess
InterlockedExchange
UnhandledExceptionFilter
IsDebuggerPresent
GetTickCount
GetCurrentThreadId
TlsGetValue
EnumResourceNamesA
DeleteFileW
GetCurrentProcessId
TlsAlloc
InterlockedCompareExchange
CloseHandle
SetUnhandledExceptionFilter
LocalAlloc
FlushFileBuffers
GetProcAddress
Sleep
GetStartupInfoA
FoldStringW
TerminateProcess
GetLocaleInfoW
LoadLibraryW
QueryPerformanceCounter
ReleaseSemaphore
WaitForSingleObject
GetLastError
RaiseException
GetCommandLineW
CreateSemaphoreW
GetModuleFileNameW

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

user32

ShowWindow
LoadIconW
UpdateWindow
GetWindowPlacement
IsWindow
GetParent
GetSystemMetrics
IsIconic
LoadImageW
DestroyWindow
MapVirtualKeyW
IsZoomed
SetWindowPlacement
SetWindowPos
RealGetWindowClass
SetForegroundWindow

Sections

.text
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3df4941a620dac9acaed035a61788d0e

Headers

File Characteristics

Imports

msimg32

kernel32

setupapi

user32

Sections

.text Size: 190KB - Virtual size: 190KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 14KB - Virtual size: 14KB

.tls Size: 512B - Virtual size: 220KB

.text
Size: 190KB - Virtual size: 190KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 14KB - Virtual size: 14KB

.tls
Size: 512B - Virtual size: 220KB