d47941c07c297e1d587c75780e33fceb_JaffaCakes118

General

Target

d47941c07c297e1d587c75780e33fceb_JaffaCakes118
Size

184KB
MD5

d47941c07c297e1d587c75780e33fceb
SHA1

b91811d5298c0b97873c2eec1a2b676d005f0bda
SHA256

77ac8a6d618f9ec55393768ce2ab51eacc1cdc43e91ebc177a1621bf21cc999e
SHA512

74dd906bc3fe6074c822206a9d75857480ed7951823abaed8a8c2f757506b42d5ef3ae56e78dba553a0bbe4676167fb19cb189f6671ff8cb0484ff488cd1e05e
SSDEEP

3072:eFUppae8rTiLZnaL/UXUU9WBv298UdgkIY8zwVBOrDzbsYVwAj:Eve8g+8kU0BSBFIRzPn/Vj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d47941c07c297e1d587c75780e33fceb_JaffaCakes118

Files

d47941c07c297e1d587c75780e33fceb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4776ee4e719040618e7913d96f189778

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegSetValueExA

ole32

StgCreateDocfile
StgOpenStorage

shell32

SHGetSpecialFolderPathA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

kernel32

GetShortPathNameW
InterlockedExchange
InterlockedDecrement
LeaveCriticalSection
IsBadWritePtr
LocalFree
UnhandledExceptionFilter
QueryPerformanceCounter
InitializeCriticalSection
GetProcAddress
lstrlenA
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetProcessTimes
LoadLibraryA
CloseHandle
GetLocaleInfoA
GetCurrentProcessId
IsBadReadPtr
GetACP
EnumResourceTypesA
GetModuleHandleA
GetThreadLocale
GetLastError
FreeLibrary
GetFileAttributesA
DeleteCriticalSection
IsDebuggerPresent
CreateFileA
MultiByteToWideChar
GetCurrentThreadId
lstrlenW
WideCharToMultiByte
EnterCriticalSection
InterlockedIncrement
GetTickCount
ExitProcess
GetVersionExA

user32

wsprintfA
wsprintfW

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4776ee4e719040618e7913d96f189778

Headers

File Characteristics

Imports

advapi32

ole32

shell32

setupapi

kernel32

user32

Sections

.text Size: 108KB - Virtual size: 108KB

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: 72KB - Virtual size: 71KB

.edata Size: 1024B - Virtual size: 240KB

.text
Size: 108KB - Virtual size: 108KB

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: 72KB - Virtual size: 71KB

.edata
Size: 1024B - Virtual size: 240KB