d4220164d214feea2230fb9362fd5c51_JaffaCakes118

General

Target

d4220164d214feea2230fb9362fd5c51_JaffaCakes118
Size

276KB
MD5

d4220164d214feea2230fb9362fd5c51
SHA1

bdb83d442738c53ea041aea0cf88000a57d7da64
SHA256

4f45a703cc132aebccd38f58a387631ffb428a8d00cac8cdc723070eca7eee1d
SHA512

ed26ae44b1e79d707bc58a1cb2a2dff827f50811278bc3da3c17264719f7af01abe5e67e870b8286f78c7f76729d67b74c05fa334f9e71618982d76dc1dca559
SSDEEP

6144:B5tQHc9Q+Qi3P2G7NnkafkjPLICn8jwaRDump2DEndL5enw/Pf/G:BrG+Qi3P2ykzjIr2EnBcUnG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4220164d214feea2230fb9362fd5c51_JaffaCakes118

Files

d4220164d214feea2230fb9362fd5c51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a0e793e8e5a75c36ade5652e2be30134

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p__commode
_ismbblead
exit
__getmainargs
_cexit
_acmdln
memset
__p__fmode
__set_app_type
_XcptFilter
?terminate@@YAXXZ
_exit
__setusermatherr
_amsg_exit
_vsnprintf
_vsnwprintf
_initterm
_controlfp

kernel32

AddAtomW
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapFree
GetStdHandle
SetUnhandledExceptionFilter
CloseHandle
GetComputerNameA
GetVersion
TlsAlloc
GetProcessHeap
DeviceIoControl
TerminateProcess
GlobalMemoryStatus
GetFileType
SetLastError
TlsGetValue
TlsSetValue
EnumResourceNamesA
GetLocalTime
GetTickCount
GetCurrentProcessId
GetCommandLineA
GetModuleFileNameA
GetCurrentProcess
GetCurrentThread
RaiseException
OutputDebugStringW
GetStartupInfoA
GetVersionExA
GetModuleHandleW
GetDiskFreeSpaceA
SetHandleCount
TlsFree
HeapAlloc
RtlUnwind
InterlockedExchange

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0e793e8e5a75c36ade5652e2be30134

Headers

File Characteristics

Imports

msvcrt

kernel32

setupapi

Sections

.text Size: 141KB - Virtual size: 140KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 131KB - Virtual size: 131KB

.reloc Size: 1024B - Virtual size: 392KB

.text
Size: 141KB - Virtual size: 140KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 131KB - Virtual size: 131KB

.reloc
Size: 1024B - Virtual size: 392KB