fbd6db946429019d7020557a9e0061a7_JaffaCakes118

General

Target

fbd6db946429019d7020557a9e0061a7_JaffaCakes118
Size

185KB
MD5

fbd6db946429019d7020557a9e0061a7
SHA1

c6b586d299c139fe1e8ae58bb4167aef79c72d2b
SHA256

a049ef15af81082d52427d53bfaf45cdad2959833954b06c437fdc2f3545f3c0
SHA512

0035327a7736bf703098f3cfe8e6d7194f5d47464ba43aa9a6551a65c58c5fbdd3a43ad91ec38f5247d1eb8bf80fcb837ddf02e0462519b1620da4b9ff897025
SSDEEP

3072:Xgbr6MsRktSjArkKoBrGLBMIjjKVBRV1FgxK8f1IpkMKy82/92V7B9KhLXQ7EgeO:Ax3ScjuGeIjjQRVToK8f1Ipk3y82/U7W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbd6db946429019d7020557a9e0061a7_JaffaCakes118

Files

fbd6db946429019d7020557a9e0061a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

482966852ecf0ec1496d444bea99683a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

HeapReAlloc
ExitProcess
CreateFiber
UnhandledExceptionFilter
GetSystemInfo
GetACP
GetCommandLineA
InterlockedCompareExchange
SuspendThread
RtlUnwind
HeapDestroy
HeapSize
VirtualFree
HeapAlloc
GetLocaleInfoA
VirtualProtect
EnumResourceNamesA
GetProcAddress
IsDebuggerPresent
SetThreadPriority
VirtualAlloc
HeapCreate
VirtualQuery
LoadLibraryA
TerminateProcess
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
WriteFile

user32

GetKeyState
SetWindowLongA
IsWindow
CharNextA
GetDC
EqualRect
LoadCursorA
RegisterClassExA
GetParent
wsprintfA
GetClassInfoExA
BeginPaint
InvalidateRect
IntersectRect
GetWindowLongA
SetFocus
UnregisterClassA
RealGetWindowClassA
CreateWindowExA
IsChild
DefWindowProcA
CallWindowProcA
GetFocus
OffsetRect
SetWindowPos
PtInRect
SetWindowRgn
ShowWindow
EndPaint
ReleaseDC
UnionRect
GetClientRect
DestroyWindow

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

482966852ecf0ec1496d444bea99683a

Headers

File Characteristics

Imports

setupapi

kernel32

user32

Sections

.text Size: 158KB - Virtual size: 158KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 23KB - Virtual size: 22KB

.tls Size: 512B - Virtual size: 84KB

.text
Size: 158KB - Virtual size: 158KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 23KB - Virtual size: 22KB

.tls
Size: 512B - Virtual size: 84KB