JaffaCakes118_76348aa8356a4175ce86504d6be20db0

General

Target

JaffaCakes118_76348aa8356a4175ce86504d6be20db0
Size

205KB
MD5

76348aa8356a4175ce86504d6be20db0
SHA1

5dd1b9d3136274c23e2da1b6e6fcd12db6fa87fb
SHA256

c5a2f31bf7a0c893ca70477d32fe6f0baed0f149d25b171b200c97bff4ecdc46
SHA512

39e40d51e370199a8806f15c31fa94b9bcdd4e029618213a9b1b8e2df5205a1add4608c935c939b1c5973e346ce1754d41c6d986db3d680a4dbc1e2b8bce3ce0
SSDEEP

6144:3tRUHjTyhzghp2VLHBDA6Zg44z0q1E+9Fqbf2:3vUmghpITBDA6Zgl0qOMqr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_76348aa8356a4175ce86504d6be20db0

Files

JaffaCakes118_76348aa8356a4175ce86504d6be20db0
.exe windows:4 windows x86 arch:x86

e1e21423b03ca899e8e78a846b0b15c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

setupapi

CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

IsDebuggerPresent
GetProcAddress
CreateFiber
UnhandledExceptionFilter
GetLocaleInfoA
SetUnhandledExceptionFilter
VirtualAlloc
ExitProcess
IsProcessorFeaturePresent
SuspendThread
HeapAlloc
VirtualQuery
EnumResourceNamesA
GetSystemInfo
InterlockedCompareExchange
LoadLibraryA
HeapSize
VirtualFree
HeapDestroy
HeapCreate
SetThreadPriority
TerminateProcess
GetCommandLineA
HeapReAlloc
RtlUnwind
GetACP
VirtualProtect
WriteFile

user32

InvalidateRect
SetFocus
SetWindowRgn
OffsetRect
LoadCursorA
GetKeyState
EndPaint
BeginPaint
wsprintfA
DefWindowProcA
CallWindowProcA
IntersectRect
ReleaseDC
ShowWindow
SetWindowPos
GetFocus
IsWindow
SetWindowLongA
UnionRect
CreateWindowExA
RegisterClassExA
IsChild
CharNextA
UnregisterClassA
GetParent
EqualRect
GetClientRect
GetWindowLongA
GetDC
RealGetWindowClassA
PtInRect
GetClassInfoExA
DestroyWindow

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1e21423b03ca899e8e78a846b0b15c8

Headers

File Characteristics

Imports

setupapi

kernel32

user32

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 21KB - Virtual size: 21KB

.tls Size: 512B - Virtual size: 352KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 21KB - Virtual size: 21KB

.tls
Size: 512B - Virtual size: 352KB