865fa84be992429ab8a73b855b722086_JaffaCakes118

General

Target

865fa84be992429ab8a73b855b722086_JaffaCakes118
Size

173KB
MD5

865fa84be992429ab8a73b855b722086
SHA1

3ccf1bf78f34b7cb316fd6a88557211a783f6e95
SHA256

3c8dc03f2ccd069a7f4df697a0a6c2e91f622698ffe82eefc1cd8f06ad4c60be
SHA512

0684aa4c7656ee012b625e2e8bb5007382f304970d6954632cf73952f40bbeb2ae4e762c6fac8b66bb97c88e590223f6d32f5145f775402c381848c90a248fe1
SSDEEP

3072:X4DnmRpasUOKy+3SaBEIfuxdOgb7c1SYVvG2Rone+zYE/bdget:X4Dnm7asqiEEIfuxfbY1NXRx+6et

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
865fa84be992429ab8a73b855b722086_JaffaCakes118

Files

865fa84be992429ab8a73b855b722086_JaffaCakes118
.exe windows:4 windows x86 arch:x86

501050fc17cd46792a6c6bca32e7d18f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathW

kernel32

GetCPInfoExW
lstrlenW
WriteFile
QueryPerformanceCounter
InitializeCriticalSection
TlsSetValue
GetStartupInfoA
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetThreadLocale
UnhandledExceptionFilter
GetVersionExA
RaiseException
DeleteCriticalSection
GetEnvironmentStrings
HeapSize
TlsGetValue
GetCPInfo
EnumResourceTypesA
WideCharToMultiByte
EnterCriticalSection
GetStdHandle
LeaveCriticalSection
InterlockedIncrement
MultiByteToWideChar
GetLogicalDriveStringsW
GetOEMCP
FreeEnvironmentStringsW
GetTickCount
GetLastError
GetLocaleInfoA
GetACP
SetHandleCount
InterlockedExchange
GetFileType
GetCurrentProcessId

newdev

UpdateDriverForPlugAndPlayDevicesW

ole32

CoGetMalloc
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc

msimg32

AlphaBlend
TransparentBlt

gdi32

GetTextExtentPointA
DeleteObject
GetDeviceCaps
SelectObject
GetTextMetricsA
CreateFontIndirectA

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

501050fc17cd46792a6c6bca32e7d18f

Headers

File Characteristics

Imports

shell32

kernel32

newdev

ole32

msimg32

gdi32

Sections

.text Size: 99KB - Virtual size: 98KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 70KB - Virtual size: 69KB

.reloc Size: 1024B - Virtual size: 252KB

.text
Size: 99KB - Virtual size: 98KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 70KB - Virtual size: 69KB

.reloc
Size: 1024B - Virtual size: 252KB