9258e644728f23655b2c67a1e0ed7680_JaffaCakes118

General

Target

9258e644728f23655b2c67a1e0ed7680_JaffaCakes118
Size

198KB
MD5

9258e644728f23655b2c67a1e0ed7680
SHA1

1c06391c4140bf2db1fe7a9496ad52c790c7b990
SHA256

f6b2c8f97afd3a6f62b57fe4c623c923afd81d7977d289d049a542689cd8d5f7
SHA512

79fd7a8851376dd4952fa5943b08c6d1790fcb7a77a32301de26276f1642f48f87a8112ba7b24f68fa16d280de09e018a4e7505b22ffd845ad45c8de142ed40b
SSDEEP

6144:U9Ne7PVxR16f4nVc5h6yBDi4z43FvAJLH5Cz:U9477oW4ziYJZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9258e644728f23655b2c67a1e0ed7680_JaffaCakes118

Files

9258e644728f23655b2c67a1e0ed7680_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a23afd3c21c83d4fb1ca6c0c6f3a09be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

DefWindowProcA
wsprintfA
RegisterClassExA
SetWindowPos
GetDC
IsWindow
CreateWindowExA
PtInRect
IntersectRect
GetKeyState
RealGetWindowClassA
ShowWindow
IsChild
UnionRect
InvalidateRect
UnregisterClassA
GetWindowLongA
SetWindowLongA
GetClientRect
GetFocus
EqualRect
CallWindowProcA
EndPaint
ReleaseDC
SetWindowRgn
BeginPaint
OffsetRect
LoadCursorA
CharNextA
GetClassInfoExA
GetParent
SetFocus
DestroyWindow

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

HeapAlloc
CreateFiber
HeapSize
IsDebuggerPresent
IsProcessorFeaturePresent
GetLocaleInfoA
GetSystemInfo
HeapReAlloc
InterlockedCompareExchange
ResumeThread
SetUnhandledExceptionFilter
VirtualFree
ExitProcess
VirtualQuery
EnumResourceNamesA
GetProcAddress
VirtualProtect
GetACP
HeapCreate
SetThreadPriority
TerminateProcess
VirtualAlloc
RtlUnwind
GetCommandLineA
HeapDestroy
LoadLibraryA
UnhandledExceptionFilter
WriteFile

Sections

.text
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a23afd3c21c83d4fb1ca6c0c6f3a09be

Headers

File Characteristics

Imports

user32

setupapi

kernel32

Sections

.text Size: 178KB - Virtual size: 177KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 17KB - Virtual size: 16KB

.tls Size: 512B - Virtual size: 216KB

.text
Size: 178KB - Virtual size: 177KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 17KB - Virtual size: 16KB

.tls
Size: 512B - Virtual size: 216KB