3dbf6f1e6e4eea58e80e2d2367f9d287_JaffaCakes118

General

Target

3dbf6f1e6e4eea58e80e2d2367f9d287_JaffaCakes118
Size

277KB
MD5

3dbf6f1e6e4eea58e80e2d2367f9d287
SHA1

8a9c27c2cc7e32345344ced48e0ed9401ab9b50f
SHA256

b83d72bb787df35b0a559d7c0b209c7ea98d9d56b2d4558db9161462c124237b
SHA512

26c7650f2c8d6133927fb5b7b96874552e7b48c25016d0a7212cf3797374cfee439a1cd3e3bcd6c64bebbaa7e68d011e5adfeace5a4c8fea5841d650fa78a272
SSDEEP

6144:Ov1mQOf70/6XslCUk/OaLL/zS2RAzBMdJK9BnJa93e95u:i1mQU0SXICh/zLRAXBN9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dbf6f1e6e4eea58e80e2d2367f9d287_JaffaCakes118

Files

3dbf6f1e6e4eea58e80e2d2367f9d287_JaffaCakes118
.exe windows:4 windows x86 arch:x86

64c358200df9141f56d68531ad9d3b6f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

GetFileType
GlobalAddAtomW
HeapCreate
IsBadReadPtr
SetHandleCount
HeapReAlloc
GetModuleFileNameA
GetCPInfo
FreeEnvironmentStringsA
FatalAppExitA
GetACP
SetFilePointer
GetEnvironmentStrings
WriteFile
SetUnhandledExceptionFilter
VirtualAlloc
WideCharToMultiByte
IsBadCodePtr
EnumResourceNamesA
FreeEnvironmentStringsW
GetEnvironmentVariableA
GetDateFormatW
HeapDestroy
SetConsoleCtrlHandler
UnhandledExceptionFilter
GetEnvironmentStringsW
GetOEMCP
GetStdHandle
IsBadWritePtr
VirtualFree
GetStartupInfoA
GetCurrentThread

gdi32

GetGraphicsMode
PolylineTo
MoveToEx
IntersectClipRect
GetStockObject
LineTo
SetGraphicsMode
SetROP2
Rectangle
SetBrushOrgEx
PolyBezierTo
CloseFigure
GetClipBox
SelectClipPath
FillPath
GetWorldTransform
BeginPath
EndPath
CreatePatternBrush
PolyDraw

Sections

.text
Size: 147KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64c358200df9141f56d68531ad9d3b6f

Headers

File Characteristics

Imports

setupapi

kernel32

gdi32

Sections

.text Size: 147KB - Virtual size: 279KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 125KB - Virtual size: 125KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 147KB - Virtual size: 279KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 125KB - Virtual size: 125KB

.rsrc
Size: 1024B - Virtual size: 4KB