2aee4b3c73b29975b9d9bc97faf41d11_JaffaCakes118

General

Target

2aee4b3c73b29975b9d9bc97faf41d11_JaffaCakes118
Size

205KB
MD5

2aee4b3c73b29975b9d9bc97faf41d11
SHA1

40a909654f1df25d63e60a0b86e3ad4bf6b3d62f
SHA256

c49cdfff53a508bb7be77b60a58f48d5126670ad25dbbd785a013beddb941a16
SHA512

3f47fe2acf639d8022eac426cab6da5750ed3175861ddbde6308dc66f83bf986984181695997caff48a8a5368054c8bba9eea44a6ee88acd387942bae20630d6
SSDEEP

6144:o8G7wvsUpydV/0VKFVwcrEmJT/GVHZ1qREfHwU:asUgWVyKFGkzGVHZ15

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2aee4b3c73b29975b9d9bc97faf41d11_JaffaCakes118

Files

2aee4b3c73b29975b9d9bc97faf41d11_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b47bdc06731e61ebb629d2e40fe72dd2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualFree
CreateFiber
SetUnhandledExceptionFilter
IsDebuggerPresent
LoadLibraryA
HeapCreate
HeapReAlloc
ResumeThread
UnhandledExceptionFilter
VirtualAlloc
RtlUnwind
GetSystemInfo
EnumResourceNamesA
IsProcessorFeaturePresent
HeapSize
GetCommandLineA
ExitProcess
SetThreadPriority
HeapDestroy
TerminateProcess
GetLocaleInfoA
HeapAlloc
VirtualProtect
GetACP
InterlockedCompareExchange
VirtualQuery
GetProcAddress
WriteFile

user32

LoadCursorA
InvalidateRect
UnionRect
BeginPaint
GetWindowLongA
GetParent
GetClientRect
IsWindow
GetKeyState
ReleaseDC
CharNextA
IntersectRect
CreateWindowExA
SetWindowRgn
UnregisterClassA
GetFocus
RealGetWindowClassA
OffsetRect
GetClassInfoExA
EndPaint
SetWindowPos
GetDC
RegisterClassExA
CallWindowProcA
IsChild
SetWindowLongA
SetFocus
EqualRect
DefWindowProcA
PtInRect
wsprintfA
ShowWindow
DestroyWindow

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b47bdc06731e61ebb629d2e40fe72dd2

Headers

File Characteristics

Imports

kernel32

user32

setupapi

Sections

.text Size: 183KB - Virtual size: 182KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 18KB - Virtual size: 18KB

.tls Size: 512B - Virtual size: 228KB

.text
Size: 183KB - Virtual size: 182KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 18KB - Virtual size: 18KB

.tls
Size: 512B - Virtual size: 228KB