702fac1262e6b2854f32bcc19894bfa7_JaffaCakes118

General

Target

702fac1262e6b2854f32bcc19894bfa7_JaffaCakes118
Size

208KB
MD5

702fac1262e6b2854f32bcc19894bfa7
SHA1

086c52b9cad1ee0f348c099d6d9b453aa21dfee9
SHA256

ecef2597665d0f0691cc5f0efaa2cd4739ca57ea898a67703105d5df220b81ce
SHA512

0ec69fd312388dc9eee84c557a84e10ec5f9c2069b7a44197d584cb8f1536bb643767328c86a2367bfb201728862661979a05e7b8ae6afe2528718278fa362a9
SSDEEP

6144:B6wXhihksO8TygkktRusLSUq9wddlyv4FFe6AxH:Bv0TyKtoseFKdIv4FFe6AxH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
702fac1262e6b2854f32bcc19894bfa7_JaffaCakes118

Files

702fac1262e6b2854f32bcc19894bfa7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

638de4e4056231ced7130279cec3bd74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

ShowWindow
GetParent
SetWindowPos
SetWindowPlacement
MapVirtualKeyW
RealGetWindowClass
DestroyWindow
IsIconic
IsWindow
LoadImageW
LoadIconW
UpdateWindow
GetWindowPlacement
GetSystemMetrics
IsZoomed
SetForegroundWindow

kernel32

Sleep
TlsGetValue
CreateFiberEx
WaitForSingleObject
TerminateProcess
GetCurrentProcess
LoadLibraryW
SetUnhandledExceptionFilter
FreeLibrary
GetProcessHeap
TlsAlloc
CloseHandle
TerminateProcess
FoldStringW
IsDebuggerPresent
LoadLibraryA
GetSystemTimeAsFileTime
UnhandledExceptionFilter
LocalAlloc
EnumResourceNamesA
TlsFree
GetCurrentThreadId
GetLocaleInfoW
CreateSemaphoreW
QueryPerformanceCounter
DeleteFileW
InterlockedExchange
GetModuleHandleW
FlushFileBuffers
GetStartupInfoA
GetProcAddress
RaiseException
GetCurrentProcessId
GetLastError
InterlockedCompareExchange
VirtualProtect
GetCommandLineW
ReleaseSemaphore
GetTickCount
GetModuleFileNameW

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

msimg32

AlphaBlend

Sections

.text
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

638de4e4056231ced7130279cec3bd74

Headers

File Characteristics

Imports

user32

kernel32

setupapi

msimg32

Sections

.text Size: 189KB - Virtual size: 189KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 15KB - Virtual size: 15KB

.tls Size: 512B - Virtual size: 220KB

.text
Size: 189KB - Virtual size: 189KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 15KB - Virtual size: 15KB

.tls
Size: 512B - Virtual size: 220KB