d23492d92f0a7dc1f6e7376e99d65c58_JaffaCakes118

General

Target

d23492d92f0a7dc1f6e7376e99d65c58_JaffaCakes118
Size

188KB
MD5

d23492d92f0a7dc1f6e7376e99d65c58
SHA1

e6694e3133d0dc1fbafb4525cabdb5af7d307651
SHA256

6735667b4a449c0fd53fec5d35d05f60863a2c527d2b5dea9074774c524ecd0e
SHA512

73ec7953a47fea341e704403bf3cba742dc3b9fac7ddd09d094e73c9c38c17c34f3eabff21463d0463e828081ad65a233b031fab862c6d0b5c6ac659be8aba58
SSDEEP

3072:ZwJg6Pou6N4CFXJfjV9WDURFwt3ZiRYNPrbCx34z9yNjr7LaRjSrUQXWOGI:Mg6Pou6dFWDUz8ZwYNPrx9yhr7+9SrU1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d23492d92f0a7dc1f6e7376e99d65c58_JaffaCakes118

Files

d23492d92f0a7dc1f6e7376e99d65c58_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e59ba3dd5bacef588ae9bda5f9ea9a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

GlobalAddAtomW
GetStdHandle
GetModuleHandleW
GetDiskFreeSpaceA
SetHandleCount
TlsAlloc
QueryPerformanceCounter
RaiseException
GetComputerNameA
GetTickCount
TlsFree
GetCurrentProcessId
CloseHandle
SetUnhandledExceptionFilter
GetCurrentThread
TlsSetValue
GetSystemTimeAsFileTime
GetCommandLineA
TerminateProcess
GetStartupInfoA
EnumResourceNamesA
GetProcessHeap
GetVersionExA
GetFileType
GetLocalTime
GlobalMemoryStatus
GetVersion
TlsGetValue
SetLastError
OutputDebugStringW
GetCurrentProcess
DeviceIoControl
HeapAlloc
GetModuleFileNameA
RtlUnwind
HeapFree
InterlockedExchange

gdi32

PolylineTo
CreatePatternBrush
GetWorldTransform
SetGraphicsMode
IntersectClipRect
MoveToEx
Rectangle
CloseFigure
EndPath
GetClipBox
SetBrushOrgEx
SelectClipPath
SetROP2
LineTo
BeginPath
GetStockObject
PolyBezierTo
FillPath
GetGraphicsMode
PolyDraw

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e59ba3dd5bacef588ae9bda5f9ea9a3

Headers

File Characteristics

Imports

setupapi

kernel32

gdi32

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 83KB - Virtual size: 83KB

.reloc Size: 1024B - Virtual size: 132KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 83KB - Virtual size: 83KB

.reloc
Size: 1024B - Virtual size: 132KB