975b6f88dfbf76f52c3ea8d8d37fd5d2_JaffaCakes118

General

Target

975b6f88dfbf76f52c3ea8d8d37fd5d2_JaffaCakes118
Size

190KB
MD5

975b6f88dfbf76f52c3ea8d8d37fd5d2
SHA1

7f3174bbd85772240c0947f53db36c031935d7ba
SHA256

e1e38c8fc4279e7f917d02fd6d6abd40006d41ddd521e62e89f3bf9e59f4663a
SHA512

4d7e6eed544f678e07393a62e498fdf5e61d0eff77e3eb2e3b306dde3a76cc5c8cea14a2bc91589cba06bf4812e02563796b519b49e948814d608f1d82c35149
SSDEEP

3072:m2b/J1ggsibaAnWw0UUYa22TT0eFh7cgUXi1XGF00dImlVd2lOrfv:PwcsUUYZ2TTdD7c1iFnwlVElOT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
975b6f88dfbf76f52c3ea8d8d37fd5d2_JaffaCakes118

Files

975b6f88dfbf76f52c3ea8d8d37fd5d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cfa50d41499906cecf94f72825b3ec9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

InterlockedCompareExchange
CreateFiberEx
TlsGetValue
TlsFree
ReleaseSemaphore
LocalAlloc
LoadLibraryA
GetLocaleInfoW
GetProcAddress
TerminateProcess
CreateSemaphoreW
VirtualProtect
GetLastError
WaitForSingleObject
RaiseException
UnhandledExceptionFilter
GetModuleHandleW
GetCurrentThreadId
CloseHandle
FreeLibrary
SetUnhandledExceptionFilter
EnumResourceNamesA
GetProcessHeap
QueryPerformanceCounter
LoadLibraryW
TerminateProcess
GetStartupInfoA
FlushFileBuffers
GetCommandLineW
InterlockedExchange
TlsAlloc
GetTickCount
DeleteFileW
IsDebuggerPresent
FoldStringW
GetSystemTimeAsFileTime
GetCurrentProcessId
Sleep
GetCurrentProcess
GetModuleFileNameW

msimg32

AlphaBlend

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

user32

GetWindowPlacement
ShowWindow
MapVirtualKeyW
GetParent
DestroyWindow
IsWindow
GetSystemMetrics
LoadImageW
SetWindowPlacement
IsIconic
UpdateWindow
RealGetWindowClass
IsZoomed
SetWindowPos
LoadIconW
SetForegroundWindow

Sections

.text
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cfa50d41499906cecf94f72825b3ec9a

Headers

File Characteristics

Imports

kernel32

msimg32

setupapi

user32

Sections

.text Size: 162KB - Virtual size: 162KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 24KB - Virtual size: 23KB

.tls Size: 512B - Virtual size: 88KB

.text
Size: 162KB - Virtual size: 162KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 24KB - Virtual size: 23KB

.tls
Size: 512B - Virtual size: 88KB