aa2f69af8e5678ee3ed7fc7b46b678b3_JaffaCakes118

General

Target

aa2f69af8e5678ee3ed7fc7b46b678b3_JaffaCakes118
Size

278KB
MD5

aa2f69af8e5678ee3ed7fc7b46b678b3
SHA1

dcf20d22a66efad5aa11d26b81370fa653b38453
SHA256

90cdcb8a2c4efbbce886f09e3cabf9ac187fe3bfcbf9efce8884d60fdc823d4d
SHA512

a75ac09db66d08d2e2783c449cd6e17bbb2d048c218e5f54d761133791bff29a8e913790d344d40086f01cb672d4b8b8032591cdcb63c0eca29a70492f830eaf
SSDEEP

6144:xl3KidyoMGXGaOM7RcBJOGXngQb5sLIK3le5rxo7d8:33PdhXGRFJFqx1Wrq7d8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa2f69af8e5678ee3ed7fc7b46b678b3_JaffaCakes118

Files

aa2f69af8e5678ee3ed7fc7b46b678b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

52b507c17314722c3da10e79918c3141

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

exit
__p__commode
__getmainargs
_initterm
__set_app_type
_cexit
_vsnprintf
__setusermatherr
_amsg_exit
memset
_exit
?terminate@@YAXXZ
__p__fmode
_ismbblead
_XcptFilter
_vsnwprintf
_acmdln
_controlfp

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

GetStdHandle
RtlUnwind
GetModuleFileNameA
GetComputerNameA
GlobalMemoryStatus
AddAtomW
GetTickCount
TerminateProcess
GetCurrentProcess
SetHandleCount
GetLocalTime
HeapFree
GetModuleHandleW
RaiseException
SetLastError
TlsSetValue
GetStartupInfoA
EnumResourceNamesA
GetSystemTimeAsFileTime
GetDiskFreeSpaceA
GetVersionExA
GetFileType
DeviceIoControl
GetVersion
HeapAlloc
GetCurrentThread
TlsAlloc
GetCommandLineA
GetProcessHeap
OutputDebugStringW
TlsGetValue
CloseHandle
QueryPerformanceCounter
GetCurrentProcessId
TlsFree
SetUnhandledExceptionFilter
InterlockedExchange

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52b507c17314722c3da10e79918c3141

Headers

File Characteristics

Imports

msvcrt

setupapi

kernel32

Sections

.text Size: 148KB - Virtual size: 147KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 126KB - Virtual size: 125KB

.reloc Size: 1024B - Virtual size: 392KB

.text
Size: 148KB - Virtual size: 147KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 126KB - Virtual size: 125KB

.reloc
Size: 1024B - Virtual size: 392KB