fe6177a18c1d7cf1b09f45ee1961de50_JaffaCakes118

General

Target

fe6177a18c1d7cf1b09f45ee1961de50_JaffaCakes118
Size

120KB
MD5

fe6177a18c1d7cf1b09f45ee1961de50
SHA1

757809d43d2b53763491ff1d17e90b2951ced096
SHA256

2c08dfaf26310a0e840bc33137fa7743cd046387de350a51d79291a8dba6717f
SHA512

52305c4c90ef91c385d88f65b564bae959bb0e43f71bd8d4b2174aca232eeb430b035c67b80381ddd40d6064e76b475cf33034afa30e64d5cc6124bd6d51639f
SSDEEP

3072:ueCl2Gk/A5MjYcwTRDYYHer/Zz3uTBkGJfdKgYNMb6+hgJM:ueTIll1HIZz3uTBBJ4f+7gJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe6177a18c1d7cf1b09f45ee1961de50_JaffaCakes118

Files

fe6177a18c1d7cf1b09f45ee1961de50_JaffaCakes118
.exe windows:6 windows x86 arch:x86

c0638357a4674f7764d28401361249c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ynmNa1OjKdUie.pdb

Imports

winscard

SCardFreeMemory

oleaut32

LPSAFEARRAY_UserSize
SafeArrayDestroyData

advapi32

CryptGenKey

setupapi

SetupScanFileQueueW

shlwapi

StrStrNIW

crypt32

CryptMsgOpenToEncode
CryptRegisterOIDFunction

kernel32

GetCommandLineW
CloseHandle
GetCurrentProcess
GetThreadLocale
GetLocalTime
SetCurrentConsoleFontEx
TryEnterCriticalSection
GetProcessId
SetProcessWorkingSetSizeEx
GetUserGeoID
GetStringTypeExA
SetNamedPipeHandleState
UnlockFile
SetTapePosition
CreateMutexExA
Heap32Next

user32

GetWindowInfo
PrintWindow
UserHandleGrantAccess
DdeSetQualityOfService
MenuItemFromPoint
GetThreadDesktop
GetCursor
GetWindowDC

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 84KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0638357a4674f7764d28401361249c4

Headers

File Characteristics

PDB Paths

Imports

winscard

oleaut32

advapi32

setupapi

shlwapi

crypt32

kernel32

user32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 2KB

.CRT Size: 84KB - Virtual size: 85KB

.data Size: 12KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 1024B

.reloc Size: 4KB - Virtual size: 524B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 2KB

.CRT
Size: 84KB - Virtual size: 85KB

.data
Size: 12KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 1024B

.reloc
Size: 4KB - Virtual size: 524B