c32f4e6ad1c7affbcf398d0185df75d9_JaffaCakes118

General

Target

c32f4e6ad1c7affbcf398d0185df75d9_JaffaCakes118
Size

191KB
MD5

c32f4e6ad1c7affbcf398d0185df75d9
SHA1

ef2290b5e988a97c9f473100065d1f86aa39f903
SHA256

ddf0112e9c57707f26c1ea644e91cb352dfb6bb866b9cf8e883042a3bce1fff6
SHA512

96a98325aca5723a2a824281c53badf2ca30e29bf18c0a7af3b7ef923e94edae4e33447518039116d4b14a0d2ecdad092a9da44af6713ae5549975bd2d672750
SSDEEP

3072:lrIT4O+k6MuqklP9yxey/nwwA7eAEXuUmQjaolH9/j+QEVUKXyd3cWa3oZdHFX1F:9W4eu9lEx9nC7eiUFld/yDVUKXydvXUm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c32f4e6ad1c7affbcf398d0185df75d9_JaffaCakes118

Files

c32f4e6ad1c7affbcf398d0185df75d9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de548e70e3747ed22c16730bd8593af3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VirtualQuery
HeapSize
CreateFiber
HeapDestroy
HeapCreate
IsDebuggerPresent
VirtualFree
TerminateProcess
GetProcAddress
IsProcessorFeaturePresent
ResumeThread
LoadLibraryA
UnhandledExceptionFilter
EnumResourceNamesA
RtlUnwind
HeapReAlloc
ExitProcess
SetThreadPriority
GetCommandLineA
VirtualAlloc
HeapAlloc
InterlockedCompareExchange
SetUnhandledExceptionFilter
GetLocaleInfoA
GetACP
VirtualProtect
GetSystemInfo
WriteFile

user32

GetClassInfoExA
RealGetWindowClassA
IsChild
UnregisterClassA
ShowWindow
CharNextA
SetFocus
RegisterClassExA
GetFocus
GetKeyState
GetDC
InvalidateRect
ReleaseDC
OffsetRect
IntersectRect
GetWindowLongA
BeginPaint
EndPaint
GetClientRect
SetWindowPos
DefWindowProcA
wsprintfA
EqualRect
SetWindowRgn
IsWindow
CreateWindowExA
LoadCursorA
SetWindowLongA
GetParent
UnionRect
CallWindowProcA
PtInRect
DestroyWindow

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de548e70e3747ed22c16730bd8593af3

Headers

File Characteristics

Imports

kernel32

user32

setupapi

Sections

.text Size: 169KB - Virtual size: 169KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 18KB - Virtual size: 17KB

.tls Size: 512B - Virtual size: 76KB

.text
Size: 169KB - Virtual size: 169KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 18KB - Virtual size: 17KB

.tls
Size: 512B - Virtual size: 76KB