e78d9e0f45c173e095f7ec19217b43c0_JaffaCakes118

General

Target

e78d9e0f45c173e095f7ec19217b43c0_JaffaCakes118
Size

188KB
MD5

e78d9e0f45c173e095f7ec19217b43c0
SHA1

b6245898afa7279abb1752d4d45630052b5e1d76
SHA256

d31bfbce88b6b689577b88ca13849d722aa675083b87119268bdee3d83ab465e
SHA512

c2817608ad4e1c906d40a79c4afee35b000ea4283d7e3ac863c27ef22e05467688f14b3f23013a45d6790f5157a6fa2834b149f835b28563722a76ae11e0fd27
SSDEEP

3072:vU6YwDTF1jEwy3aWxk/jIZ6S8CgN7+Mm6N8pN31GLKiDS+QxcLr7TdAo:vUcXFFEzCUp8CgAMmU8D1GLhbQM7T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e78d9e0f45c173e095f7ec19217b43c0_JaffaCakes118

Files

e78d9e0f45c173e095f7ec19217b43c0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aad5da3abb5e33a6f532ef14256e6cbe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateFiberEx
GetCurrentThreadId
GetCurrentProcess
Sleep
ReleaseSemaphore
LocalAlloc
GetLocaleInfoW
QueryPerformanceCounter
LoadLibraryA
LoadLibraryW
TerminateThread
VirtualProtect
SetUnhandledExceptionFilter
GetLastError
TlsGetValue
DeleteFileW
GetProcessHeap
GetSystemTimeAsFileTime
GetTickCount
CloseHandle
GetStartupInfoA
GetCurrentProcessId
EnumResourceNamesA
TlsFree
FreeLibrary
TlsAlloc
IsDebuggerPresent
FlushFileBuffers
RaiseException
InterlockedCompareExchange
UnhandledExceptionFilter
TerminateProcess
GetModuleHandleW
GetCommandLineW
InterlockedExchange
FoldStringW
CreateSemaphoreW
WaitForSingleObject
GetProcAddress
GetModuleFileNameW

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

user32

RealGetWindowClass
IsIconic
IsWindow
MapVirtualKeyW
LoadImageW
GetParent
IsZoomed
SetWindowPos
LoadIconW
SetWindowPlacement
GetWindowPlacement
DestroyWindow
ShowWindow
GetSystemMetrics
UpdateWindow
SetForegroundWindow

msimg32

AlphaBlend

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aad5da3abb5e33a6f532ef14256e6cbe

Headers

File Characteristics

Imports

kernel32

setupapi

user32

msimg32

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 21KB - Virtual size: 21KB

.tls Size: 512B - Virtual size: 80KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 21KB - Virtual size: 21KB

.tls
Size: 512B - Virtual size: 80KB