0a238d4825cbf981766421b6c13786b4_JaffaCakes118

General

Target

0a238d4825cbf981766421b6c13786b4_JaffaCakes118
Size

276KB
MD5

0a238d4825cbf981766421b6c13786b4
SHA1

e8869b02df3858e485f5f104fdc45d6644911900
SHA256

622f79330bda2080671671ffcdcef09069c31093dbb9c0721329230fe11645c2
SHA512

a6e63446cc7dcafe2436cb60f7a73743304a058aa164eb8793c75135e061d95cbf5ac6ddb6ac09f1c6cefd148f0c5d933c162bd7bbb05dc4b617840a88fe4e86
SSDEEP

6144:8TPCUHeUYr5kj1OdOKRU64X9bGB7UqFoCevShTJVa0n/4:8OUZYr2jMoaUtXQBgCo3uJV7n/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a238d4825cbf981766421b6c13786b4_JaffaCakes118

Files

0a238d4825cbf981766421b6c13786b4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6df68a9477a456b368dbc9cb22ad996f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

gdi32

PolylineTo
CreatePatternBrush
MoveToEx
GetWorldTransform
CloseFigure
BeginPath
FillPath
SetROP2
GetClipBox
LineTo
EndPath
SetGraphicsMode
GetGraphicsMode
SetBrushOrgEx
GetStockObject
IntersectClipRect
PolyBezierTo
Rectangle
SelectClipPath
PolyDraw

kernel32

VirtualFree
GetStdHandle
GlobalAddAtomW
FatalAppExitA
FreeEnvironmentStringsW
UnhandledExceptionFilter
IsBadWritePtr
WideCharToMultiByte
HeapCreate
GetFileType
GetOEMCP
HeapReAlloc
GetStartupInfoA
SetHandleCount
GetCPInfo
EnumResourceNamesA
IsBadReadPtr
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsA
HeapDestroy
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
GetDateFormatW
GetModuleFileNameA
SetFilePointer
VirtualAlloc
WriteFile
IsBadCodePtr
GetEnvironmentVariableA
GetACP
GetCurrentThread

Sections

.text
Size: 146KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6df68a9477a456b368dbc9cb22ad996f

Headers

File Characteristics

Imports

setupapi

gdi32

kernel32

Sections

.text Size: 146KB - Virtual size: 278KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 126KB - Virtual size: 125KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 146KB - Virtual size: 278KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 126KB - Virtual size: 125KB

.rsrc
Size: 1024B - Virtual size: 4KB