f254ad4e1b293202c9ae02fba34dde68_JaffaCakes118

General

Target

f254ad4e1b293202c9ae02fba34dde68_JaffaCakes118
Size

265KB
MD5

f254ad4e1b293202c9ae02fba34dde68
SHA1

e8d237d58d17bcafad902259f09385295d30e92d
SHA256

5e026db2218f9982740a534179bb2d94527bef9b324477f1e6ebf7ab7c252249
SHA512

6f266ea63b73bad12fe3d9c0b15e106d0477fbfcb1681848dd20d93ff1bc4aeeac6b41db2c59407a47629b8abb722118761e9c0cd754873cc5ab831a566ac653
SSDEEP

6144:35BzNdpotTi0/VQn+/3kX5DSq08X+hRhaeBKPvQFte30ysUyKA+1tlko:3vN72TiGSrJDJ08X+RwPvQ23pY6v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f254ad4e1b293202c9ae02fba34dde68_JaffaCakes118

Files

f254ad4e1b293202c9ae02fba34dde68_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d031737190fff0f9308bf8577d95ddf4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

MultiByteToWideChar
HeapFree
LCMapStringW
GetCPInfo
UnhandledExceptionFilter
GetStringTypeW
VirtualFree
GetTickCount
GetConsoleOutputCP
SetStdHandle
GetDateFormatA
GetTimeZoneInformation
SetFilePointer
IsDebuggerPresent
GetLocaleInfoA
RtlUnwind
WriteConsoleA
SetUnhandledExceptionFilter
SetEndOfFile
CompareStringA
SetEnvironmentVariableA
GetCurrentProcess
EnumSystemLanguageGroupsW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
HeapReAlloc
WriteFile
GetSystemTimeAsFileTime
ReadFile
LoadLibraryA
IsValidCodePage
HeapSize
ResetWriteWatch
HeapCreate
GetCurrentProcessId
CompareStringW
VirtualAlloc
QueryPerformanceCounter
RaiseException
GetTimeFormatA
TerminateProcess
HeapDestroy
GetOEMCP
GetACP
FreeLibrary
LCMapStringA
GetStringTypeA

oleacc

LresultFromObject
AccessibleObjectFromPoint

shell32

SHGetFolderPathW

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d031737190fff0f9308bf8577d95ddf4

Headers

File Characteristics

Imports

newdev

kernel32

oleacc

shell32

Sections

.text Size: 64KB - Virtual size: 64KB

.rdata Size: 2KB - Virtual size: 149KB

.data Size: 197KB - Virtual size: 196KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 64KB - Virtual size: 64KB

.rdata
Size: 2KB - Virtual size: 149KB

.data
Size: 197KB - Virtual size: 196KB

.rsrc
Size: 512B - Virtual size: 4KB