5e0e58175b2dea4a627c97bce769d1b4_JaffaCakes118

General

Target

5e0e58175b2dea4a627c97bce769d1b4_JaffaCakes118
Size

208KB
MD5

5e0e58175b2dea4a627c97bce769d1b4
SHA1

c4d0ad1c9da15fa7642be32714f06eaf41c48d21
SHA256

2cf64cedff1fb1f1ce62ce881c611ed23f9c4d76925140f953dba67cc1c738b6
SHA512

96dbc5419ff4121998286c0b4d188371a764909ac73308fa17b86ffc53a468735a7c231b86d15ecaf5a0e9dd05466f31db80606f7d5c90d059e3c663a38e2148
SSDEEP

6144:2BZb2xlW9vuDWbB0uvZHn8++qoK/OgKXiYQi:EF2zWJjbBJRH8LqfOgK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e0e58175b2dea4a627c97bce769d1b4_JaffaCakes118

Files

5e0e58175b2dea4a627c97bce769d1b4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3df4941a620dac9acaed035a61788d0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

msimg32

AlphaBlend

kernel32

GetModuleHandleW
GetSystemTimeAsFileTime
FreeLibrary
CreateFiberEx
GetProcessHeap
VirtualProtect
LoadLibraryA
TlsFree
GetCurrentProcess
TerminateProcess
InterlockedExchange
UnhandledExceptionFilter
IsDebuggerPresent
GetTickCount
GetCurrentThreadId
TlsGetValue
EnumResourceNamesA
DeleteFileW
GetCurrentProcessId
TlsAlloc
InterlockedCompareExchange
CloseHandle
SetUnhandledExceptionFilter
LocalAlloc
FlushFileBuffers
GetProcAddress
Sleep
GetStartupInfoA
FoldStringW
TerminateProcess
GetLocaleInfoW
LoadLibraryW
QueryPerformanceCounter
ReleaseSemaphore
WaitForSingleObject
GetLastError
RaiseException
GetCommandLineW
CreateSemaphoreW
GetModuleFileNameW

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

user32

ShowWindow
LoadIconW
UpdateWindow
GetWindowPlacement
IsWindow
GetParent
GetSystemMetrics
IsIconic
LoadImageW
DestroyWindow
MapVirtualKeyW
IsZoomed
SetWindowPlacement
SetWindowPos
RealGetWindowClass
SetForegroundWindow

Sections

.text
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3df4941a620dac9acaed035a61788d0e

Headers

File Characteristics

Imports

msimg32

kernel32

setupapi

user32

Sections

.text Size: 190KB - Virtual size: 190KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 14KB - Virtual size: 14KB

.tls Size: 512B - Virtual size: 220KB

.text
Size: 190KB - Virtual size: 190KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 14KB - Virtual size: 14KB

.tls
Size: 512B - Virtual size: 220KB