4228cf8620bfc22fa657004b0f4dafe7_JaffaCakes118

General

Target

4228cf8620bfc22fa657004b0f4dafe7_JaffaCakes118
Size

189KB
MD5

4228cf8620bfc22fa657004b0f4dafe7
SHA1

54923e5aa1c6028cf5043f0c35c6a26680e97236
SHA256

1ac7f4c8feed6a4da38d445a01d319a2580c35b139c68990ed87b8c7d4093b5c
SHA512

128e6f888db5e0bf7402a787118e9e37473888469fb41e2a5a60f7aaa1665bcf2277923ebe4e1567be0f5ef384ae04a84b450690ef9de208ffec5db61094e74c
SSDEEP

3072:IHZ7C9DfnjOkMeJUWwMO2+GXoq3twQq0fgPNRbbplIbFzDgaOCfbrC:IFC9TnyReJUVlGXorbbbAbFzsaOCju

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4228cf8620bfc22fa657004b0f4dafe7_JaffaCakes118

Files

4228cf8620bfc22fa657004b0f4dafe7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

66533534478c0682b046ee01535d0269

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetCurrentProcess
DeviceIoControl
QueryPerformanceCounter
HeapAlloc
AddAtomW
GetFileType
TlsAlloc
SetHandleCount
GetStdHandle
GetCurrentThread
GetCurrentProcessId
TlsFree
GetStartupInfoA
GetDiskFreeSpaceA
TerminateProcess
EnumResourceNamesA
GetModuleFileNameA
SetLastError
GetVersion
TlsGetValue
GlobalMemoryStatus
GetVersionExA
GetTickCount
GetComputerNameA
SetUnhandledExceptionFilter
GetLocalTime
GetModuleHandleW
GetCommandLineA
OutputDebugStringW
TlsSetValue
CloseHandle
RtlUnwind
GetSystemTimeAsFileTime
HeapFree
RaiseException
InterlockedExchange

msvcrt

__p__fmode
_exit
__set_app_type
_amsg_exit
exit
_cexit
_initterm
_vsnwprintf
__setusermatherr
_vsnprintf
__p__commode
__getmainargs
?terminate@@YAXXZ
_ismbblead
memset
_acmdln
_XcptFilter
_controlfp

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

66533534478c0682b046ee01535d0269

Headers

File Characteristics

Imports

kernel32

msvcrt

setupapi

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 81KB - Virtual size: 80KB

.reloc Size: 1024B - Virtual size: 132KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 81KB - Virtual size: 80KB

.reloc
Size: 1024B - Virtual size: 132KB