73b9bc4fe9f4044f08950faa8c928dc8_JaffaCakes118

General

Target

73b9bc4fe9f4044f08950faa8c928dc8_JaffaCakes118
Size

178KB
MD5

73b9bc4fe9f4044f08950faa8c928dc8
SHA1

06a0711ba44556a149c9132d6d967c752340d6fe
SHA256

f0c6689188d8af6108b20720ff6cf726f079b64a06e63d575a732e229775b786
SHA512

ad6df8fb27ee886ef2ca7e14f3b46c1e1d0dfe344c8f6c0550e3716cad44cf02ab9478061cc96f829075f03ad25270c357b1f2615e992fd4ee04aa3148b0e532
SSDEEP

3072:TT4fRP7lDbnvBmhx1KKrnYuxGITqxaPy3e9RUaKGg2+RdQr6RtV6Ya:TM9lD1+7KKrYuxQx8y3WRUBGgPQr6jVI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73b9bc4fe9f4044f08950faa8c928dc8_JaffaCakes118

Files

73b9bc4fe9f4044f08950faa8c928dc8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

897f0bd379e695230ddeb79cb834d5fc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
DeleteCriticalSection
UnhandledExceptionFilter
EnterCriticalSection
SetHandleCount
GetCPInfoExW
HeapSize
RaiseException
TlsGetValue
WriteFile
GetVersionExA
WideCharToMultiByte
TlsSetValue
QueryPerformanceCounter
GetEnvironmentStrings
EnumResourceTypesA
lstrlenW
GetEnvironmentStringsW
InterlockedExchange
GetLocaleInfoA
GetFileType
GetStdHandle
GetOEMCP
MultiByteToWideChar
FreeEnvironmentStringsW
InitializeCriticalSection
GetLogicalDriveStringsA
GetStartupInfoA
FreeEnvironmentStringsA
GetLastError
GetTickCount
GetThreadLocale
GetACP
GetCPInfo
InterlockedIncrement
GetCurrentProcessId

gdi32

GetDeviceCaps
DeleteObject
SelectObject
GetTextMetricsA
GetTextExtentPointA
CreateFontIndirectA

newdev

UpdateDriverForPlugAndPlayDevicesW

ole32

CoGetTreatAsClass
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

897f0bd379e695230ddeb79cb834d5fc

Headers

File Characteristics

Imports

kernel32

gdi32

newdev

ole32

Sections

.text Size: 105KB - Virtual size: 104KB

.tls Size: 1KB - Virtual size: 1KB

.data Size: 69KB - Virtual size: 69KB

.reloc Size: 1024B - Virtual size: 252KB

.text
Size: 105KB - Virtual size: 104KB

.tls
Size: 1KB - Virtual size: 1KB

.data
Size: 69KB - Virtual size: 69KB

.reloc
Size: 1024B - Virtual size: 252KB