4292b30647bfc627a7cc0e0210506c35_JaffaCakes118

General

Target

4292b30647bfc627a7cc0e0210506c35_JaffaCakes118
Size

188KB
MD5

4292b30647bfc627a7cc0e0210506c35
SHA1

1daca4f3066f46f54cfefced3dde727514669f56
SHA256

63bc939d23a0d9e289d4e54a4f868fc508e5f743e0606d560bcb30f4f44e45b9
SHA512

1c23ad3ba6d0385e9e791b928fc7c3f98e39cd2661a22f182dc7af399d0ef7438de943bd49f761eada7f3aae13f5ba84dded95414e1413a0aa2caa41041786e2
SSDEEP

3072:ZwJg6Pou6N4CFXJfjV9WDURFwt3ZiRYNPrbCx34z9yNjr7LaRjSrUQXWOGI:Mg6Pou6dFWDUz8ZwYNPrx9yhr7+9SrU1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4292b30647bfc627a7cc0e0210506c35_JaffaCakes118

Files

4292b30647bfc627a7cc0e0210506c35_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e59ba3dd5bacef588ae9bda5f9ea9a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

GlobalAddAtomW
GetStdHandle
GetModuleHandleW
GetDiskFreeSpaceA
SetHandleCount
TlsAlloc
QueryPerformanceCounter
RaiseException
GetComputerNameA
GetTickCount
TlsFree
GetCurrentProcessId
CloseHandle
SetUnhandledExceptionFilter
GetCurrentThread
TlsSetValue
GetSystemTimeAsFileTime
GetCommandLineA
TerminateProcess
GetStartupInfoA
EnumResourceNamesA
GetProcessHeap
GetVersionExA
GetFileType
GetLocalTime
GlobalMemoryStatus
GetVersion
TlsGetValue
SetLastError
OutputDebugStringW
GetCurrentProcess
DeviceIoControl
HeapAlloc
GetModuleFileNameA
RtlUnwind
HeapFree
InterlockedExchange

gdi32

PolylineTo
CreatePatternBrush
GetWorldTransform
SetGraphicsMode
IntersectClipRect
MoveToEx
Rectangle
CloseFigure
EndPath
GetClipBox
SetBrushOrgEx
SelectClipPath
SetROP2
LineTo
BeginPath
GetStockObject
PolyBezierTo
FillPath
GetGraphicsMode
PolyDraw

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e59ba3dd5bacef588ae9bda5f9ea9a3

Headers

File Characteristics

Imports

setupapi

kernel32

gdi32

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 83KB - Virtual size: 83KB

.reloc Size: 1024B - Virtual size: 132KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 83KB - Virtual size: 83KB

.reloc
Size: 1024B - Virtual size: 132KB