fccbe7b1654c24f1aa8c2adec34206cd_JaffaCakes118

General

Target

fccbe7b1654c24f1aa8c2adec34206cd_JaffaCakes118
Size

207KB
MD5

fccbe7b1654c24f1aa8c2adec34206cd
SHA1

659338c8a47552d5294e8b10fa6e5be0e538a9f8
SHA256

b078f67825aae662234d2b0bd43ddaec8978e77c49b333bc754f13426b885ca6
SHA512

ef3166cea59da9b15b1c3b25e4124d173be58cb465622935f443369126fa70dfa2b607092e9e53cd589ca6d0cbacc31887a901819b645ed892c682cdb76ab563
SSDEEP

6144:qA7BL80eh17Tf3/FSMwYTxH1iKwCmL4ClUOQhcr2b:qA7Sn7j/AMwYTxH1irCmL4Yxab

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fccbe7b1654c24f1aa8c2adec34206cd_JaffaCakes118

Files

fccbe7b1654c24f1aa8c2adec34206cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e6f8083d977de8343623d504d6c408a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

msimg32

AlphaBlend

user32

IsZoomed
SetWindowPos
LoadIconW
GetParent
RealGetWindowClass
GetWindowPlacement
IsIconic
MapVirtualKeyW
GetSystemMetrics
DestroyWindow
SetWindowPlacement
UpdateWindow
ShowWindow
IsWindow
LoadImageW
SetForegroundWindow

kernel32

SetUnhandledExceptionFilter
GetCurrentThreadId
CreateFiberEx
TerminateProcess
IsDebuggerPresent
GetCurrentProcessId
LoadLibraryW
TlsAlloc
TerminateProcess
GetModuleHandleW
GetProcessHeap
TlsFree
FoldStringW
LoadLibraryA
GetProcAddress
CloseHandle
FreeLibrary
InterlockedCompareExchange
CreateSemaphoreW
GetTickCount
LocalAlloc
QueryPerformanceCounter
EnumResourceNamesA
InterlockedExchange
GetStartupInfoA
UnhandledExceptionFilter
TlsGetValue
GetCurrentProcess
FlushFileBuffers
GetSystemTimeAsFileTime
VirtualProtect
Sleep
RaiseException
GetCommandLineW
DeleteFileW
WaitForSingleObject
ReleaseSemaphore
GetLastError
GetLocaleInfoW
GetModuleFileNameW

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6f8083d977de8343623d504d6c408a6

Headers

File Characteristics

Imports

msimg32

user32

kernel32

setupapi

Sections

.text Size: 185KB - Virtual size: 185KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 18KB - Virtual size: 17KB

.tls Size: 512B - Virtual size: 220KB

.text
Size: 185KB - Virtual size: 185KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 18KB - Virtual size: 17KB

.tls
Size: 512B - Virtual size: 220KB