9d73a8dc5917187ff094b1a6028960b6_JaffaCakes118

General

Target

9d73a8dc5917187ff094b1a6028960b6_JaffaCakes118
Size

187KB
MD5

9d73a8dc5917187ff094b1a6028960b6
SHA1

4690c94ab09e6b12cac5dc8d9c34bae4b7e8a8bc
SHA256

ea81e90a3a839b4b13e69a24cc41d2016961d5ad8a3285dd7bf7b119750685c1
SHA512

c4955e7a0837a0674dc489eb910f9a1d8985cc6ea85c9d941c07fa3bc34eec0644cbdba4c4d3ea4e3378944f178c49388045e588418751b7d70453199b2ccc43
SSDEEP

3072:QigEsY5K4R+IXrGkXPLxXjRbSWLTqTFmtG0ezmbD3yik41xIb5hel4JoV++4FVIj:cnMK4R+IXr/XPFXjfTcFZPzmbD3yik4p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9d73a8dc5917187ff094b1a6028960b6_JaffaCakes118

Files

9d73a8dc5917187ff094b1a6028960b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a71b59614e92d3f7fd17ec3aac713e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

OffsetRect
wsprintfA
RegisterClassExA
LoadCursorA
PtInRect
RealGetWindowClassA
UnionRect
GetKeyState
GetParent
CreateWindowExA
GetWindowLongA
IsWindow
InvalidateRect
CallWindowProcA
SetFocus
CharNextA
IsChild
GetClassInfoExA
GetClientRect
ShowWindow
GetFocus
ReleaseDC
GetDC
EndPaint
UnregisterClassA
IntersectRect
SetWindowPos
DefWindowProcA
SetWindowRgn
EqualRect
SetWindowLongA
BeginPaint
DestroyWindow

kernel32

IsDebuggerPresent
VirtualAlloc
CreateFiber
GetSystemInfo
IsProcessorFeaturePresent
HeapAlloc
SuspendThread
VirtualFree
GetCommandLineA
VirtualQuery
TerminateProcess
VirtualProtect
EnumResourceNamesA
GetLocaleInfoA
UnhandledExceptionFilter
RtlUnwind
GetACP
SetThreadPriority
GetProcAddress
LoadLibraryA
HeapDestroy
ExitProcess
HeapCreate
InterlockedCompareExchange
HeapReAlloc
SetUnhandledExceptionFilter
HeapSize
WriteFile

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a71b59614e92d3f7fd17ec3aac713e4

Headers

File Characteristics

Imports

user32

kernel32

setupapi

Sections

.text Size: 166KB - Virtual size: 166KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 17KB - Virtual size: 17KB

.tls Size: 512B - Virtual size: 80KB

.text
Size: 166KB - Virtual size: 166KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 17KB - Virtual size: 17KB

.tls
Size: 512B - Virtual size: 80KB