a6a6fa4c1b056cf17ab36540e3b61fd8_JaffaCakes118

General

Target

a6a6fa4c1b056cf17ab36540e3b61fd8_JaffaCakes118
Size

187KB
MD5

a6a6fa4c1b056cf17ab36540e3b61fd8
SHA1

33941ea2ce32bb391fa6c65df03a419e04f15e86
SHA256

3e380c9790808157bd2918849ddb4b3ea427c7ef143d5fa6bce116ec7dc0041d
SHA512

897850068873bd2f3c80d159462acbc4a36f43c8d1cf3d8d16a1675a668e2104bb88602f25a9e39bd336991d800e3cf1cd02c5b455cf99e20c4edf2e437e57b7
SSDEEP

3072:Uu4httdl8EA4tYzvtT7X0hvkkraSa5NDFg3fPC3bUp1EMrgbLP7f4XqYNsT:UTbbbltEd70ZG5NDAy3wTtEHP7f4XqY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6a6fa4c1b056cf17ab36540e3b61fd8_JaffaCakes118

Files

a6a6fa4c1b056cf17ab36540e3b61fd8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a01f786d27badb4c6844f292085b8120

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

HeapFree
GetLocalTime
GlobalAddAtomW
GlobalMemoryStatus
GetCurrentProcess
RaiseException
DeviceIoControl
TlsGetValue
HeapAlloc
GetDiskFreeSpaceA
GetFileType
GetTickCount
GetModuleHandleW
SetHandleCount
GetVersion
QueryPerformanceCounter
GetModuleFileNameA
RtlUnwind
GetStdHandle
GetSystemTimeAsFileTime
EnumResourceNamesA
GetCurrentThread
GetVersionExA
GetCurrentProcessId
OutputDebugStringW
TlsSetValue
GetComputerNameA
GetProcessHeap
CloseHandle
SetLastError
TerminateProcess
TlsFree
GetCommandLineA
TlsAlloc
GetStartupInfoA
SetUnhandledExceptionFilter
InterlockedExchange

gdi32

BeginPath
PolyBezierTo
MoveToEx
SetROP2
SetBrushOrgEx
CreatePatternBrush
Rectangle
GetStockObject
GetWorldTransform
SetGraphicsMode
GetGraphicsMode
FillPath
PolylineTo
SelectClipPath
EndPath
IntersectClipRect
GetClipBox
CloseFigure
LineTo
PolyDraw

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a01f786d27badb4c6844f292085b8120

Headers

File Characteristics

Imports

setupapi

kernel32

gdi32

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 87KB - Virtual size: 87KB

.reloc Size: 1024B - Virtual size: 136KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 87KB - Virtual size: 87KB

.reloc
Size: 1024B - Virtual size: 136KB