8d80086f53a3eb6f9789a48aa01f66ae_JaffaCakes118

General

Target

8d80086f53a3eb6f9789a48aa01f66ae_JaffaCakes118
Size

278KB
MD5

8d80086f53a3eb6f9789a48aa01f66ae
SHA1

6011f891fc03f8927f0d29471bf51b638761bdfd
SHA256

0e62022ff0b61393be478cbc8223dee8d91b1375e326edce533c86e33f2961d5
SHA512

db49176412d5b0c8cba0b3c3eceacb7aa6f70c7d64a7bb6bef41c7677a1182df14b1dd46368a40b926547536c4a1c0044fca12879a814f95a956d358fc419135
SSDEEP

6144:glf09+fAcfWMHITlxgUYwrugP1XkV3zd6GQy7Vnw:gps0HITngsucpkV30

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d80086f53a3eb6f9789a48aa01f66ae_JaffaCakes118

Files

8d80086f53a3eb6f9789a48aa01f66ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a5d0c166b82690cf0dea68856386d03

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
TlsGetValue
HeapAlloc
AddAtomW
CloseHandle
GetStartupInfoA
TlsAlloc
GetLocalTime
GetTickCount
GetComputerNameA
TlsSetValue
GetProcessHeap
GlobalMemoryStatus
RaiseException
GetCommandLineA
GetCurrentProcess
GetVersion
EnumResourceNamesA
TlsFree
RtlUnwind
GetCurrentThread
HeapFree
SetLastError
DeviceIoControl
SetUnhandledExceptionFilter
GetCurrentProcessId
RegisterWaitForSingleObject
TerminateProcess
GetStdHandle
SetHandleCount
GetModuleHandleW
GetVersionExA
GetModuleFileNameA
GetDiskFreeSpaceA
InterlockedExchange

msvcrt

_ismbblead
_XcptFilter
exit
_initterm
_amsg_exit
?terminate@@YAXXZ
_exit
__p__commode
__set_app_type
_vsnwprintf
__p__fmode
__setusermatherr
memset
_vsnprintf
__getmainargs
_cexit
_acmdln
_controlfp

Sections

.text
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a5d0c166b82690cf0dea68856386d03

Headers

File Characteristics

Imports

setupapi

kernel32

msvcrt

Sections

.text Size: 145KB - Virtual size: 144KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 129KB - Virtual size: 129KB

.reloc Size: 1024B - Virtual size: 388KB

.text
Size: 145KB - Virtual size: 144KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 129KB - Virtual size: 129KB

.reloc
Size: 1024B - Virtual size: 388KB