JaffaCakes118_76cf655b9fc28c1fead90e6b2c8b3dbe

General

Target

JaffaCakes118_76cf655b9fc28c1fead90e6b2c8b3dbe
Size

163KB
MD5

76cf655b9fc28c1fead90e6b2c8b3dbe
SHA1

364216d15a6f324fc13492f42522ed0ccc82cc75
SHA256

25d0017301cd8252f6e6e499c0df1f9790df64fea1c64c8a2ce4ee652b093493
SHA512

2454babc1ce757c655347a851210f38332c9d99efe947795ca045c6bda8c740e2e4cce23ff7813488aa8e862ad09f018fed6e23744b8a6eae22f76033d1f6be4
SSDEEP

3072:qIPkh4BR3Bw560TgT4reY/gjCYCiwVPiR40IXjLP7Yp6j3nKAxfTATuc832i15LN:qth4H3BwA0G4rP4tCiwcTIXLXbiE3VLW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_76cf655b9fc28c1fead90e6b2c8b3dbe

Files

JaffaCakes118_76cf655b9fc28c1fead90e6b2c8b3dbe
.exe windows:4 windows x86 arch:x86

c4a17c7e086af1d69e178f2a858bee4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextExtentPointA
GetDeviceCaps
GetTextMetricsA
SelectObject
DeleteObject
CreateFontIndirectA

newdev

UpdateDriverForPlugAndPlayDevicesW

msimg32

AlphaBlend
TransparentBlt

kernel32

InterlockedExchange
GetCPInfoExW
TlsGetValue
LeaveCriticalSection
GetCPInfo
GetThreadLocale
EnterCriticalSection
lstrlenW
FreeEnvironmentStringsW
GetLastError
MultiByteToWideChar
QueryPerformanceCounter
HeapSize
GetACP
EnumResourceTypesA
WriteFile
InitializeCriticalSection
TlsSetValue
GetTickCount
GetEnvironmentStringsW
RaiseException
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
SetHandleCount
GetEnvironmentStrings
GetComputerNameW
InterlockedIncrement
DeleteCriticalSection
GetVersionExA
GetStartupInfoA
GetStdHandle
WideCharToMultiByte
GetLocaleInfoA
GetOEMCP
GetCurrentProcessId

ole32

CoGetMalloc
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc

shell32

SHGetFolderPathW

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4a17c7e086af1d69e178f2a858bee4d

Headers

File Characteristics

Imports

gdi32

newdev

msimg32

kernel32

ole32

shell32

Sections

.text Size: 97KB - Virtual size: 96KB

.tls Size: 2KB - Virtual size: 1KB

.data Size: 62KB - Virtual size: 61KB

.reloc Size: 1024B - Virtual size: 96KB

.text
Size: 97KB - Virtual size: 96KB

.tls
Size: 2KB - Virtual size: 1KB

.data
Size: 62KB - Virtual size: 61KB

.reloc
Size: 1024B - Virtual size: 96KB