5d45a426ef328b8f37aad71b627ee784_JaffaCakes118

General

Target

5d45a426ef328b8f37aad71b627ee784_JaffaCakes118
Size

231KB
MD5

5d45a426ef328b8f37aad71b627ee784
SHA1

34e6e844b22cbb61778920899ef64d6704f56f62
SHA256

9899a46eaeadc2fc0888da095ba27a16d33eb3475c576294f2f8dc719cef8fed
SHA512

1bd9955173489dcb0dda07441e98fd2855541a378ac498766cf6e9b9d2627aa7794aa0bd2e365eecfac4a6a83b050134cadae3298afcb8eef06ec1842b0c48b0
SSDEEP

6144:pA7K9OLR087f5ebI34x50SnBP835UYoutCPZ0xqZqL:q7KULRTfQmC1ny3+D0xqZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d45a426ef328b8f37aad71b627ee784_JaffaCakes118

Files

5d45a426ef328b8f37aad71b627ee784_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cac4d93bcfbbfbf0f90b23e0d44ce73a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

TlsGetValue
GetCurrentThreadId
FreeLibrary
CreateFiberEx
WaitForSingleObject
CloseHandle
QueryPerformanceCounter
IsDebuggerPresent
InterlockedCompareExchange
GetCommandLineW
TerminateThread
TerminateProcess
LoadLibraryW
LoadLibraryA
GetStartupInfoA
TlsAlloc
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LocalAlloc
RaiseException
GetLastError
EnumResourceNamesA
VirtualProtect
GetProcessHeap
GetTickCount
CreateSemaphoreW
FoldStringW
FlushFileBuffers
DeleteFileW
GetSystemTimeAsFileTime
GetProcAddress
GetCurrentProcessId
InterlockedExchange
TlsFree
Sleep
GetModuleHandleW
GetLocaleInfoW
ReleaseSemaphore
GetModuleFileNameW

user32

MapVirtualKeyW
GetParent
IsZoomed
UpdateWindow
LoadIconW
IsWindow
GetSystemMetrics
IsIconic
GetWindowPlacement
LoadImageW
RealGetWindowClass
SetWindowPos
SetWindowPlacement
DestroyWindow
ShowWindow
SetForegroundWindow

msimg32

AlphaBlend

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cac4d93bcfbbfbf0f90b23e0d44ce73a

Headers

File Characteristics

Imports

kernel32

user32

msimg32

setupapi

Sections

.text Size: 209KB - Virtual size: 209KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 18KB - Virtual size: 17KB

.tls Size: 512B - Virtual size: 188KB

.text
Size: 209KB - Virtual size: 209KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 18KB - Virtual size: 17KB

.tls
Size: 512B - Virtual size: 188KB