59e309d3eec646c17461d3c590d1bc6a_JaffaCakes118

General

Target

59e309d3eec646c17461d3c590d1bc6a_JaffaCakes118
Size

31KB
MD5

59e309d3eec646c17461d3c590d1bc6a
SHA1

0bb4aa92c09ce0b9c827ae82094ed780893a62c4
SHA256

19379e25bfdcb1313644a2eb94149be37e064638c65861112d5e343985bd3092
SHA512

2264104c8553843737473694193902ef8a86eb68714792c0850139fea223813909ffe28f6a75d51a0d32734da931c81206522ce77b17c42d84d688808a7da577
SSDEEP

768:JmDgICb4PkzfOqnMeU8H/vVfwCFt8kJk61:qNC4PEOqnMV8HHqCTb1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59e309d3eec646c17461d3c590d1bc6a_JaffaCakes118

Files

59e309d3eec646c17461d3c590d1bc6a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

752c5a10aceabc50e3a3ee27894f9d27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
GetModuleHandleW
ExitProcess
GetCurrentDirectoryA
VirtualAlloc
IsDebuggerPresent
GetCommandLineA

setupapi

SetupGetLineByIndexW
SetupGetLineTextW
CM_Reenumerate_DevNode_Ex
SetupCloseLog
SetupDiInstallDevice
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceInterfaceDetailA
SetupDiOpenDevRegKey
SetupDiGetDriverInfoDetailW
SetupGetMultiSzFieldW
SetupDiGetDeviceInstallParamsW
pSetupStringFromGuid
SetupDiOpenClassRegKeyExW
SetupGetTargetPathW
SetupDiBuildDriverInfoList
SetupDiGetDeviceInterfaceAlias
SetupInstallFromInfSectionW
SetupInstallFilesFromInfSectionW

gdi32

GetGlyphOutlineW
StretchDIBits
GetTextExtentPoint32W
ExcludeClipRect
GetEnhMetaFileHeader
GetWindowOrgEx
ArcTo

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textbs
Size: 18KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 122KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 148KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

752c5a10aceabc50e3a3ee27894f9d27

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

setupapi

gdi32

Sections

.text Size: 9KB - Virtual size: 9KB

.textbs Size: 18KB - Virtual size: 70KB

.orpc Size: 122KB - Virtual size: 188KB

.CRT Size: 148KB - Virtual size: 206KB

.rsrc Size: 132KB - Virtual size: 132KB

.text
Size: 9KB - Virtual size: 9KB

.textbs
Size: 18KB - Virtual size: 70KB

.orpc
Size: 122KB - Virtual size: 188KB

.CRT
Size: 148KB - Virtual size: 206KB

.rsrc
Size: 132KB - Virtual size: 132KB