f3b20f6416600411e0c39b24acdf77ad_JaffaCakes118

General

Target

f3b20f6416600411e0c39b24acdf77ad_JaffaCakes118
Size

279KB
MD5

f3b20f6416600411e0c39b24acdf77ad
SHA1

338eb3064e4d57b3a118739c64bd4d1b7bbe079e
SHA256

414912f394029979d4e49f1a6193a4e688e1d2400d25ab4d1872d56ae81e4310
SHA512

45a1dcbb70b784a0f7af95b959f3b90f0dc7ef9c3df527663fc93f5b8320b4e6663ceb4e9660b2d5f90c8ef7c90de0a6e58eb55e5cb5dc2ef047d50567edbd39
SSDEEP

6144:k0G2M0hFVgp+VWMufkWLIc+JXBESYW8B5:k0x5k+VWMu8WknEu8X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3b20f6416600411e0c39b24acdf77ad_JaffaCakes118

Files

f3b20f6416600411e0c39b24acdf77ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

80ed985c8b1ac325c19fdb65103aabb3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
DeviceIoControl
GetDiskFreeSpaceA
GetModuleHandleW
TlsGetValue
GlobalAddAtomW
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetModuleFileNameA
GetComputerNameA
GetStartupInfoA
SetUnhandledExceptionFilter
TerminateProcess
HeapAlloc
GlobalMemoryStatus
GetStdHandle
GetCurrentThread
RtlUnwind
EnumResourceNamesA
GetLocalTime
SetHandleCount
CloseHandle
OutputDebugStringW
GetVersionExA
RaiseException
GetCurrentProcess
QueryPerformanceCounter
GetTickCount
TlsAlloc
SetLastError
HeapFree
GetFileType
TlsFree
GetCurrentProcessId
TlsSetValue
InterlockedExchange

gdi32

EndPath
PolyBezierTo
GetStockObject
LineTo
BeginPath
FillPath
MoveToEx
GetWorldTransform
IntersectClipRect
GetGraphicsMode
Rectangle
CreatePatternBrush
GetClipBox
SetROP2
CloseFigure
PolylineTo
SetBrushOrgEx
SetGraphicsMode
SelectClipPath
PolyDraw

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80ed985c8b1ac325c19fdb65103aabb3

Headers

File Characteristics

Imports

kernel32

gdi32

setupapi

Sections

.text Size: 149KB - Virtual size: 148KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 126KB - Virtual size: 125KB

.reloc Size: 1024B - Virtual size: 388KB

.text
Size: 149KB - Virtual size: 148KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 126KB - Virtual size: 125KB

.reloc
Size: 1024B - Virtual size: 388KB