f96f2888d003c78f7a1494d753f8b33f_JaffaCakes118

General

Target

f96f2888d003c78f7a1494d753f8b33f_JaffaCakes118
Size

278KB
MD5

f96f2888d003c78f7a1494d753f8b33f
SHA1

bf1f8b320e17b30b6bbdb0c20aa663d9dd432e1e
SHA256

4c3dfe617e52aee6a9df6267021a7e3d412b70419693caf68d26530f2bbb4b29
SHA512

4187f38fc6b2d5253b127fa7755d6e429bea0bbc0cad823e83e677bc78ad2843ed22c638f7e3060465fac4b62efe7d61890d93065be9494fe9ec8ebd7e0af6bc
SSDEEP

6144:MCvJGq7COG+85s5CbLWTrRInjbtMB/TsQOtyA5ytDSXh24p0:fv4q7C5p5sW6hIjbAXJAcRKhD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f96f2888d003c78f7a1494d753f8b33f_JaffaCakes118

Files

f96f2888d003c78f7a1494d753f8b33f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0312e1ce0c3a4f5543ad0aa50567804a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
GetCPInfo
GetModuleHandleA
GetStringTypeW
HeapFree
GetConsoleOutputCP
FreeLibrary
InterlockedIncrement
AddAtomA
SetUnhandledExceptionFilter
LoadLibraryW
HeapSize
GetACP
UnhandledExceptionFilter
GetFileAttributesW
GetCurrentProcess
GetSystemTimeAsFileTime
GetConsoleCP
WideCharToMultiByte
GetVersionExA
IsValidCodePage
HeapReAlloc
GetStartupInfoA
EnumResourceNamesW
BeginUpdateResourceW
UpdateResourceW
VirtualAlloc
LCMapStringW
SetFilePointer
GetProcessHeap
GetConsoleMode
LeaveCriticalSection
GetCommandLineA
HeapAlloc
GetCurrentProcessId
EnterCriticalSection
CheckNameLegalDOS8Dot3W
LCMapStringA
RtlUnwind
RaiseException
GetStringTypeA
WriteFile
GetModuleFileNameW
GetOEMCP
SetStdHandle
IsDebuggerPresent
LoadLibraryExW
InterlockedDecrement

shell32

SHGetSpecialFolderPathA

ole32

CoCreateInstance
CoFreeUnusedLibraries
StringFromGUID2
CoUninitialize
CoInitialize

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 146KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0312e1ce0c3a4f5543ad0aa50567804a

Headers

File Characteristics

Imports

kernel32

shell32

ole32

setupapi

Sections

.text Size: 146KB - Virtual size: 278KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 128KB - Virtual size: 128KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 146KB - Virtual size: 278KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 128KB - Virtual size: 128KB

.rsrc
Size: 512B - Virtual size: 4KB