d38d3923e3e633031b8305f5fb096803_JaffaCakes118

General

Target

d38d3923e3e633031b8305f5fb096803_JaffaCakes118
Size

185KB
MD5

d38d3923e3e633031b8305f5fb096803
SHA1

bdd5b334bd0f65899abb425fd576924e8782ed69
SHA256

b97043cddf6e035f0cc0eba41f31c2718640db45b21b66a2cbb4564b276d39dc
SHA512

77cf43b169ce122eaf176e8273a57b61db01a8a750abdb6b91bf83e90e0860116ab6fff22fc3d7beb3659cc113acb961a3ffd4a59c950a6838ae2fae22b30281
SSDEEP

3072:tvy49hB7Swu8FZEczUabLpN/GiNHXVJs2LO62NlJKzx+FhSYcRrS6sU1vd:I49dZNLpNuilX/s+O6uqyLbU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d38d3923e3e633031b8305f5fb096803_JaffaCakes118

Files

d38d3923e3e633031b8305f5fb096803_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9115b7a8ee9c4ac40dbff3a9fcf71343

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

user32

IntersectRect
CreateWindowExA
UnregisterClassA
GetFocus
OffsetRect
EqualRect
IsWindow
CallWindowProcA
SetFocus
SetWindowLongA
CharNextA
GetDC
GetClientRect
GetClassInfoExA
UnionRect
ShowWindow
InvalidateRect
GetParent
RegisterClassExA
LoadCursorA
DefWindowProcA
RealGetWindowClassA
ReleaseDC
wsprintfA
BeginPaint
SetWindowRgn
IsChild
EndPaint
PtInRect
GetWindowLongA
GetKeyState
SetWindowPos
DestroyWindow

kernel32

GetACP
CreateFiber
GetLocaleInfoA
RtlUnwind
IsProcessorFeaturePresent
HeapAlloc
GetProcAddress
SuspendThread
VirtualQuery
GetCommandLineA
HeapCreate
VirtualProtect
ExitProcess
EnumResourceNamesA
TerminateProcess
HeapSize
LoadLibraryA
HeapDestroy
HeapReAlloc
VirtualAlloc
SetThreadPriority
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemInfo
IsDebuggerPresent
InterlockedCompareExchange
VirtualFree
WriteFile

Sections

.text
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9115b7a8ee9c4ac40dbff3a9fcf71343

Headers

File Characteristics

Imports

setupapi

user32

kernel32

Sections

.text Size: 157KB - Virtual size: 157KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 24KB - Virtual size: 23KB

.tls Size: 512B - Virtual size: 84KB

.text
Size: 157KB - Virtual size: 157KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 24KB - Virtual size: 23KB

.tls
Size: 512B - Virtual size: 84KB