e7d4f7e15dbb9fbf88cb8c57a190776e_JaffaCakes118

General

Target

e7d4f7e15dbb9fbf88cb8c57a190776e_JaffaCakes118
Size

197KB
MD5

e7d4f7e15dbb9fbf88cb8c57a190776e
SHA1

ba0c4677e378c7665288268625d14e11ead9b104
SHA256

c152951274e3afead9c3766152fad0b25bc5f76e62d29d637bb41148d27c204b
SHA512

edb1b659ac146840e8cde4c8adaab1b20e24250c2f4953508b14a46787fc74a9f0773ae0bfcbacc5abb81635cf725599d16a8976e0b875723284414062f0b83c
SSDEEP

6144:5tE4PmN/zlkOk1KkMzT2rd/4a4sLqwrZft1jCVsvG:5f6mJ4S/Jqwdft4Wv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7d4f7e15dbb9fbf88cb8c57a190776e_JaffaCakes118

Files

e7d4f7e15dbb9fbf88cb8c57a190776e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e5c0852f76003b767b27d4b93f05abc9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

SetWindowPos
LoadIconW
ShowWindow
MapVirtualKeyW
RealGetWindowClass
GetWindowPlacement
GetSystemMetrics
IsZoomed
SetWindowPlacement
IsWindow
IsIconic
LoadImageW
UpdateWindow
GetParent
DestroyWindow
SetForegroundWindow

msimg32

AlphaBlend

kernel32

GetLocaleInfoW
DeleteFileW
InterlockedExchange
Sleep
CreateFiberEx
CloseHandle
LoadLibraryA
GetStartupInfoA
InterlockedCompareExchange
TerminateProcess
VirtualProtect
TlsAlloc
WaitForSingleObject
TerminateProcess
RaiseException
CreateSemaphoreW
TlsGetValue
EnumResourceNamesA
LocalAlloc
IsDebuggerPresent
GetProcessHeap
TlsFree
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FoldStringW
FlushFileBuffers
GetTickCount
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentProcess
LoadLibraryW
ReleaseSemaphore
GetCurrentThreadId
FreeLibrary
GetLastError
GetSystemTimeAsFileTime
GetProcAddress
GetCommandLineW
GetModuleFileNameW

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5c0852f76003b767b27d4b93f05abc9

Headers

File Characteristics

Imports

user32

msimg32

kernel32

setupapi

Sections

.text Size: 167KB - Virtual size: 166KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 26KB - Virtual size: 26KB

.tls Size: 512B - Virtual size: 224KB

.text
Size: 167KB - Virtual size: 166KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 26KB - Virtual size: 26KB

.tls
Size: 512B - Virtual size: 224KB