fc809c5c40877d5b5dcfc41eea8c2d43_JaffaCakes118

General

Target

fc809c5c40877d5b5dcfc41eea8c2d43_JaffaCakes118
Size

167KB
MD5

fc809c5c40877d5b5dcfc41eea8c2d43
SHA1

d7599868b258d075f6ca67789384344f0163ec5b
SHA256

a5b4361301232316b5305d050be378f72bdc38df20690327fd5068a69770de3d
SHA512

2f27e97882c5c82edc2cac6e779cb410b01a57b62fd9b828746d3a873995ca06232772fcba3b65d53128381fee771db22a28d1b3fdbf1365d21db6b7fd614ead
SSDEEP

3072:6TxfKkImHxP14hf/ICluxM4VTXcHKsJmnJ85GMf+b4676nVT/MC:kNPIkxNof/ImkDVSJSJ8595VT/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc809c5c40877d5b5dcfc41eea8c2d43_JaffaCakes118

Files

fc809c5c40877d5b5dcfc41eea8c2d43_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30dfa5a170662bb6c8fcc62db876b45c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

ole32

CoGetTreatAsClass
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc

gdi32

GetTextMetricsA
GetTextExtentPointA
DeleteObject
GetDeviceCaps
SelectObject
CreateFontIndirectA

kernel32

WideCharToMultiByte
FreeEnvironmentStringsW
GetCPInfoExW
GetEnvironmentStrings
QueryPerformanceCounter
WriteFile
TlsGetValue
HeapSize
GetEnvironmentStringsW
GetFileType
InitializeCriticalSection
GetThreadLocale
InterlockedIncrement
DeleteCriticalSection
FreeEnvironmentStringsA
GetLastError
UnhandledExceptionFilter
GetStartupInfoA
EnumResourceTypesA
SetHandleCount
GetCPInfo
GetOEMCP
GetTickCount
RaiseException
InterlockedExchange
lstrlenW
GetStdHandle
GetLogicalDriveStringsA
GetLocaleInfoA
GetVersionExA
TlsSetValue
EnterCriticalSection
GetACP
MultiByteToWideChar
LeaveCriticalSection
GetCurrentProcessId

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30dfa5a170662bb6c8fcc62db876b45c

Headers

File Characteristics

Imports

newdev

ole32

gdi32

kernel32

Sections

.text Size: 100KB - Virtual size: 100KB

.tls Size: 1KB - Virtual size: 1KB

.data Size: 63KB - Virtual size: 63KB

.reloc Size: 1024B - Virtual size: 104KB

.text
Size: 100KB - Virtual size: 100KB

.tls
Size: 1KB - Virtual size: 1KB

.data
Size: 63KB - Virtual size: 63KB

.reloc
Size: 1024B - Virtual size: 104KB