bdc89b77f96733dcdbd6594baff9a468_JaffaCakes118

General

Target

bdc89b77f96733dcdbd6594baff9a468_JaffaCakes118
Size

189KB
MD5

bdc89b77f96733dcdbd6594baff9a468
SHA1

20efba7ddbdf8ce010ff2f1918e96cd65dae7690
SHA256

fcda46dbb8520de13cc5df36c426773cd14f306a9abbec85594379143ef5c451
SHA512

652f4ac26f35027ee634a7c56d16b979f841fc98f2c3a62ce2b2e08ebc21b7a9c7a26bd52d1687b21c64c6e3d9b28b0c4a40990bcdd1051eab2d22273efaf0a2
SSDEEP

3072:IHZ7C9DfnjOkMeJUWwMO2+GXoq3twQq0fgPNRbbplIbFzDgaOCfbrC:IFC9TnyReJUVlGXorbbbAbFzsaOCju

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdc89b77f96733dcdbd6594baff9a468_JaffaCakes118

Files

bdc89b77f96733dcdbd6594baff9a468_JaffaCakes118
.exe windows:4 windows x86 arch:x86

66533534478c0682b046ee01535d0269

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
GetCurrentProcess
DeviceIoControl
QueryPerformanceCounter
HeapAlloc
AddAtomW
GetFileType
TlsAlloc
SetHandleCount
GetStdHandle
GetCurrentThread
GetCurrentProcessId
TlsFree
GetStartupInfoA
GetDiskFreeSpaceA
TerminateProcess
EnumResourceNamesA
GetModuleFileNameA
SetLastError
GetVersion
TlsGetValue
GlobalMemoryStatus
GetVersionExA
GetTickCount
GetComputerNameA
SetUnhandledExceptionFilter
GetLocalTime
GetModuleHandleW
GetCommandLineA
OutputDebugStringW
TlsSetValue
CloseHandle
RtlUnwind
GetSystemTimeAsFileTime
HeapFree
RaiseException
InterlockedExchange

msvcrt

__p__fmode
_exit
__set_app_type
_amsg_exit
exit
_cexit
_initterm
_vsnwprintf
__setusermatherr
_vsnprintf
__p__commode
__getmainargs
?terminate@@YAXXZ
_ismbblead
memset
_acmdln
_XcptFilter
_controlfp

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

66533534478c0682b046ee01535d0269

Headers

File Characteristics

Imports

kernel32

msvcrt

setupapi

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 81KB - Virtual size: 80KB

.reloc Size: 1024B - Virtual size: 132KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 81KB - Virtual size: 80KB

.reloc
Size: 1024B - Virtual size: 132KB