aaad806fb865a515592779a3f5b0d9a4_JaffaCakes118

General

Target

aaad806fb865a515592779a3f5b0d9a4_JaffaCakes118
Size

72KB
MD5

aaad806fb865a515592779a3f5b0d9a4
SHA1

bd36bda917ad5a48f25f70d268c402ea10950914
SHA256

b7d522e4ff6e73a16f41f1e12758aeeb38f5c8346f5e0b220baddb0af55e5951
SHA512

83921ab8bddfd3370b8fabe6202db2862254b524566f3317a408dc5769a2540315926db926cf7ebb30c3af31b4584dee359e76dae3e2b63670b8fdce0cb04a65
SSDEEP

1536:zZeW+yvS0o/KmGY43ltTG0rk7QldLeAbzU/aCgQtXEX:zsByvS2xltCC07AnUrgQt0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aaad806fb865a515592779a3f5b0d9a4_JaffaCakes118

Files

aaad806fb865a515592779a3f5b0d9a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fec26189f87530e13a90bc75c0013e30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Devel\ps3sixaxis_en\Release\ps3sixaxis_en.pdb

Imports

libusb0

ord32
ord21
ord22
ord26
ord9
ord42
ord7

kernel32

FlushFileBuffers
GetSystemInfo
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
ExitProcess
HeapFree
HeapAlloc
GetModuleHandleA
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetProcAddress
TerminateProcess
GetCurrentProcess
GetLastError
WriteFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
SetFilePointer
SetStdHandle
GetACP
GetOEMCP
GetCPInfo
HeapSize
CloseHandle
LCMapStringA

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jxfdrxa
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fec26189f87530e13a90bc75c0013e30

Headers

File Characteristics

PDB Paths

Imports

libusb0

kernel32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 35KB - Virtual size: 35KB

jxfdrxa Size: - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 35KB - Virtual size: 35KB

jxfdrxa
Size: - Virtual size: 4KB