42d8bd42cb9022d85723894f79f6cb66_JaffaCakes118

General

Target

42d8bd42cb9022d85723894f79f6cb66_JaffaCakes118
Size

165KB
MD5

42d8bd42cb9022d85723894f79f6cb66
SHA1

c4deed6d1a9ce214991d90929b9a36f6aed88f8d
SHA256

6398bb7328a44d1f6d0a73b7e9a56ec4c5b8ae4e3e9f469f148f9fd8adf3e078
SHA512

907e03558810cadd237df3f797d50d4251b8b2bd1111cfd5d438fa7cb6a2ce4c60e13d5504f6106703bb5920094ba6e81de68188c3616cfe239c2f3c97775cc3
SSDEEP

3072:j/zAKSJV2rJ/KIrfs4dYPdSFwtgHWL/enxGTDoyPE7PHkDCWW:jFc2rdrPdYkytg2L/A8PogE7cDCl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42d8bd42cb9022d85723894f79f6cb66_JaffaCakes118

Files

42d8bd42cb9022d85723894f79f6cb66_JaffaCakes118
.exe windows:4 windows x86 arch:x86

547ae09c47e7d8d441df74c1744052fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextMetricsA
SelectObject
GetDeviceCaps
GetTextExtentPointA
DeleteObject
CreateFontIndirectA

kernel32

InitializeCriticalSection
GetStdHandle
UnhandledExceptionFilter
GetACP
GetCPInfoExW
GetThreadLocale
SetHandleCount
TlsGetValue
RaiseException
FreeEnvironmentStringsW
InterlockedExchange
GetTickCount
LeaveCriticalSection
FreeEnvironmentStringsA
WriteFile
GetLocaleInfoA
EnterCriticalSection
GetStartupInfoA
EnumResourceTypesA
DeleteCriticalSection
GetEnvironmentStringsW
lstrlenW
InterlockedIncrement
GetOEMCP
TlsSetValue
GetEnvironmentStrings
MultiByteToWideChar
GetFileType
GetCPInfo
GetLogicalDriveStringsA
HeapSize
GetVersionExA
WideCharToMultiByte
QueryPerformanceCounter
GetLastError
GetCurrentProcessId

ole32

CoGetTreatAsClass
CoCreateInstance
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

547ae09c47e7d8d441df74c1744052fe

Headers

File Characteristics

Imports

gdi32

kernel32

ole32

newdev

Sections

.text Size: 95KB - Virtual size: 95KB

.tls Size: 1KB - Virtual size: 1KB

.data Size: 66KB - Virtual size: 65KB

.reloc Size: 1024B - Virtual size: 100KB

.text
Size: 95KB - Virtual size: 95KB

.tls
Size: 1KB - Virtual size: 1KB

.data
Size: 66KB - Virtual size: 65KB

.reloc
Size: 1024B - Virtual size: 100KB