9543e1613520da5b648142e8a39d6501_JaffaCakes118

General

Target

9543e1613520da5b648142e8a39d6501_JaffaCakes118
Size

183KB
MD5

9543e1613520da5b648142e8a39d6501
SHA1

64baa71c412174bce60cc92534b718974d2c196a
SHA256

58a2d2c72187cf03e71a2780573b8073222bf0e4ce43bf660e130892b04915b3
SHA512

6213816bf4ed3c6e6924699e9bf7f58fbbb3b931e607934dfa3940dbcb504f7b555085f96dc870a38bfe98e981f7d464fedd33b48d16fac81d8432823e6fa7d7
SSDEEP

3072:nQUYc/2ZEIpXxVPpZ/4zU6RavZ/Qap7f2nbTQmfaapsarH5CmrQxPz+:nQUYc/EDx7xZv/9QadfLmPpsaQV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9543e1613520da5b648142e8a39d6501_JaffaCakes118

Files

9543e1613520da5b648142e8a39d6501_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c8033a0ad3dba165db733e13d84b3f95

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetTreatAsClass
CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc

gdi32

GetTextMetricsA
SelectObject
DeleteObject
GetTextExtentPointA
GetDeviceCaps
CreateFontIndirectA

kernel32

HeapSize
GetEnvironmentStringsW
GetACP
GetCPInfoExW
GetLocaleInfoA
TlsGetValue
GetOEMCP
TlsSetValue
DeleteCriticalSection
GetThreadLocale
FreeEnvironmentStringsA
GetStartupInfoA
InitializeCriticalSection
QueryPerformanceCounter
GetEnvironmentStrings
GetVersionExA
LeaveCriticalSection
GetTickCount
EnumResourceTypesA
EnterCriticalSection
GetStdHandle
InterlockedExchange
RaiseException
lstrlenW
WriteFile
GetFileType
WideCharToMultiByte
GetLastError
InterlockedIncrement
GetLogicalDriveStringsA
SetHandleCount
UnhandledExceptionFilter
MultiByteToWideChar
GetCPInfo
FreeEnvironmentStringsW
GetCurrentProcessId

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c8033a0ad3dba165db733e13d84b3f95

Headers

File Characteristics

Imports

ole32

gdi32

kernel32

newdev

Sections

.text Size: 107KB - Virtual size: 106KB

.tls Size: 1KB - Virtual size: 1KB

.data Size: 73KB - Virtual size: 72KB

.reloc Size: 1024B - Virtual size: 124KB

.text
Size: 107KB - Virtual size: 106KB

.tls
Size: 1KB - Virtual size: 1KB

.data
Size: 73KB - Virtual size: 72KB

.reloc
Size: 1024B - Virtual size: 124KB