68f3377c68ff9e26a36c03abb035f2d2_JaffaCakes118

General

Target

68f3377c68ff9e26a36c03abb035f2d2_JaffaCakes118
Size

750KB
MD5

68f3377c68ff9e26a36c03abb035f2d2
SHA1

702b09116efbacdb4c673294f30d132ae5910fb5
SHA256

aa7b0b7229135d3473b3d5749f7506922c6ace2e22dc44afa4d3ea6f665c2003
SHA512

8ae5a9bcdceeefe177450963cdb501926b84e4ea69c48c711562c8fef32729e7bb21233eca8bf94e29379db4411511b81c041ec984aefc4c86fdd8839bcc41ab
SSDEEP

6144:kM559xHbKrogIVWD25rk3bdzK1blHBw18phHF/ZH4J6NLDOYHeLr+THUMMnBN7xC:dx5VBKYd3cK/Z4ETkMMv7gyC/hWmn/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68f3377c68ff9e26a36c03abb035f2d2_JaffaCakes118

Files

68f3377c68ff9e26a36c03abb035f2d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0fa3ce50ba1739d3f8350d71d2debd14

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventA
VirtualAlloc
LoadLibraryA
VirtualProtect
WriteFile
GetProcAddress
GetModuleHandleA
VirtualFree
ExitProcess

advapi32

GetServiceDisplayNameA
AccessCheck
NotifyChangeEventLog

setupapi

SetupDiGetClassDescriptionExW
SetupDiInstallDevice
SetupGetFileQueueCount
SetupOpenMasterInf
SetupDiGetDriverInfoDetailA

user32

GetMessagePos
MsgWaitForMultipleObjects
OemToCharW
GetKeyboardState
SendMessageTimeoutA
UnhookWindowsHook
GetKeyState
GetClassInfoA
FindWindowA
FillRect
RegisterClassExA
CharToOemW
CharLowerA

msvcrt

time
fwprintf
exit
__set_app_type
__p__commode
__getmainargs

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 439KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rata
Size: 267KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0fa3ce50ba1739d3f8350d71d2debd14

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

setupapi

user32

msvcrt

Sections

.text Size: 40KB - Virtual size: 40KB

.data Size: 439KB - Virtual size: 440KB

.rata Size: 267KB - Virtual size: 268KB

.bss Size: - Virtual size: 16KB

.idata Size: 1KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 40KB

.data
Size: 439KB - Virtual size: 440KB

.rata
Size: 267KB - Virtual size: 268KB

.bss
Size: - Virtual size: 16KB

.idata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB