a8215e9b19a3f6ee6478e516d2ca98b7_JaffaCakes118

General

Target

a8215e9b19a3f6ee6478e516d2ca98b7_JaffaCakes118
Size

165KB
MD5

a8215e9b19a3f6ee6478e516d2ca98b7
SHA1

b329ad2a5ff525a04dda3577eb2df0db8410f07f
SHA256

77259476908a4a10399c1d8a2bf726f6563251731a4651e9620e9970f741e02f
SHA512

8a763c15293b264630b2e219296f3fa87e1294087458eb2d347bf43a0f7cdbab09388250c24d2aebcb0ec198198df7c10361dc806c5d74104a196bfda2ab33c3
SSDEEP

3072:lhdd3Bwe7fL7Kxt/K3ghwLkEDVYI2t6DDSk73nZhTkwQGLe/tzHQ9F:lhdTw4fsxwkEDVY/t6DDSkTTmDlHK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8215e9b19a3f6ee6478e516d2ca98b7_JaffaCakes118

Files

a8215e9b19a3f6ee6478e516d2ca98b7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bac7c7af320a2f456f35010db81d99a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfoExW
GetACP
GetEnvironmentStringsW
MultiByteToWideChar
QueryPerformanceCounter
lstrlenW
InitializeCriticalSection
LeaveCriticalSection
GetTickCount
GetVersionExA
GetFileType
FreeEnvironmentStringsW
GetOEMCP
GetCPInfo
WideCharToMultiByte
GetEnvironmentStrings
TlsGetValue
EnumResourceTypesA
TlsSetValue
EnterCriticalSection
UnhandledExceptionFilter
RaiseException
GetStdHandle
InterlockedExchange
InterlockedIncrement
GetThreadLocale
DeleteCriticalSection
GetLocaleInfoA
GetLogicalDriveStringsA
SetHandleCount
GetStartupInfoA
HeapSize
GetLastError
FreeEnvironmentStringsA
WriteFile
GetCurrentProcessId

newdev

UpdateDriverForPlugAndPlayDevicesW

ole32

CoGetTreatAsClass
CoCreateInstance
StringFromGUID2
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc

gdi32

SelectObject
GetTextExtentPointA
DeleteObject
GetDeviceCaps
GetTextMetricsA
CreateFontIndirectA

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bac7c7af320a2f456f35010db81d99a1

Headers

File Characteristics

Imports

kernel32

newdev

ole32

gdi32

Sections

.text Size: 100KB - Virtual size: 100KB

.tls Size: 1KB - Virtual size: 1KB

.data Size: 61KB - Virtual size: 61KB

.reloc Size: 1024B - Virtual size: 96KB

.text
Size: 100KB - Virtual size: 100KB

.tls
Size: 1KB - Virtual size: 1KB

.data
Size: 61KB - Virtual size: 61KB

.reloc
Size: 1024B - Virtual size: 96KB