fde50dbc82a656cd39bc14d97e689e23_JaffaCakes118

General

Target

fde50dbc82a656cd39bc14d97e689e23_JaffaCakes118
Size

207KB
MD5

fde50dbc82a656cd39bc14d97e689e23
SHA1

6547707c96c7c907e8e2932553f983713bdea62d
SHA256

350563330d4e265af5d9e3baa214c47e841bd37b3715e0217b1a927654907fa2
SHA512

8e7100a600da0dbb6464ace7670537bc3ab5fbbae07463a56d3e9f048ca3f11967c7ebe7941c4a1d2d629009dac67811015c2dd21d60fc10678df92591679ec0
SSDEEP

6144:qA7BL80eh17Tf3/FSMwYTxH1iKwCmL4ClUOQhcr2b:qA7Sn7j/AMwYTxH1irCmL4Yxab

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fde50dbc82a656cd39bc14d97e689e23_JaffaCakes118

Files

fde50dbc82a656cd39bc14d97e689e23_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e6f8083d977de8343623d504d6c408a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

msimg32

AlphaBlend

user32

IsZoomed
SetWindowPos
LoadIconW
GetParent
RealGetWindowClass
GetWindowPlacement
IsIconic
MapVirtualKeyW
GetSystemMetrics
DestroyWindow
SetWindowPlacement
UpdateWindow
ShowWindow
IsWindow
LoadImageW
SetForegroundWindow

kernel32

SetUnhandledExceptionFilter
GetCurrentThreadId
CreateFiberEx
TerminateProcess
IsDebuggerPresent
GetCurrentProcessId
LoadLibraryW
TlsAlloc
TerminateProcess
GetModuleHandleW
GetProcessHeap
TlsFree
FoldStringW
LoadLibraryA
GetProcAddress
CloseHandle
FreeLibrary
InterlockedCompareExchange
CreateSemaphoreW
GetTickCount
LocalAlloc
QueryPerformanceCounter
EnumResourceNamesA
InterlockedExchange
GetStartupInfoA
UnhandledExceptionFilter
TlsGetValue
GetCurrentProcess
FlushFileBuffers
GetSystemTimeAsFileTime
VirtualProtect
Sleep
RaiseException
GetCommandLineW
DeleteFileW
WaitForSingleObject
ReleaseSemaphore
GetLastError
GetLocaleInfoW
GetModuleFileNameW

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6f8083d977de8343623d504d6c408a6

Headers

File Characteristics

Imports

msimg32

user32

kernel32

setupapi

Sections

.text Size: 185KB - Virtual size: 185KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 18KB - Virtual size: 17KB

.tls Size: 512B - Virtual size: 220KB

.text
Size: 185KB - Virtual size: 185KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 18KB - Virtual size: 17KB

.tls
Size: 512B - Virtual size: 220KB