9586dbe82a3354150dd720a1b973832e_JaffaCakes118

General

Target

9586dbe82a3354150dd720a1b973832e_JaffaCakes118
Size

173KB
MD5

9586dbe82a3354150dd720a1b973832e
SHA1

4fd72abff25db1c5ed8bb9297059e54f68893372
SHA256

2b18ceef877d14aa67382ef94df91a883bf280050bb3d8f4827dccdc6e2fbc3b
SHA512

c362a1e8f00ca5ca4425120e9497b85c5d26dc068ea7ee3190d9699596e12b4f4283a3f511b3d4808033508b1533174832acaca6b223d73be6f264266216702d
SSDEEP

3072:zPJHGz7n7Frul90CPYDHeE49BBqDuhm/yt8t2a/EzNlkqy1FuarCLc:zhHGzb8l90CgCxDADuk/u8qBiqynuarD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9586dbe82a3354150dd720a1b973832e_JaffaCakes118

Files

9586dbe82a3354150dd720a1b973832e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a4fb76cc05d30e261a29c2c8402eb3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
GlobalAddAtomW
GetCurrentProcess
GetVersion
HeapAlloc
GetVersionExA
SetLastError
GetModuleHandleW
DeviceIoControl
TlsAlloc
GetDiskFreeSpaceA
GetStartupInfoA
GetCommandLineA
CloseHandle
GetModuleFileNameA
SetHandleCount
TlsFree
GetSystemTimeAsFileTime
GetStdHandle
RaiseException
EnumResourceNamesA
GetComputerNameA
HeapFree
GetProcessHeap
TerminateProcess
GetTickCount
OutputDebugStringW
TlsGetValue
GetCurrentProcessId
RtlUnwind
GetCurrentThread
TlsSetValue
GetFileType
GlobalMemoryStatus
GetLocalTime
QueryPerformanceCounter
InterlockedExchange

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

gdi32

FillPath
IntersectClipRect
GetStockObject
PolylineTo
BeginPath
EndPath
GetClipBox
MoveToEx
GetWorldTransform
SetGraphicsMode
SetROP2
CreatePatternBrush
CloseFigure
PolyBezierTo
SetBrushOrgEx
LineTo
GetGraphicsMode
Rectangle
SelectClipPath
PolyDraw

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a4fb76cc05d30e261a29c2c8402eb3c

Headers

File Characteristics

Imports

kernel32

setupapi

gdi32

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 74KB - Virtual size: 73KB

.reloc Size: 1024B - Virtual size: 124KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 74KB - Virtual size: 73KB

.reloc
Size: 1024B - Virtual size: 124KB