5c93aa73603dd026b943dec9b8d3671f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5c93aa73603dd026b943dec9b8d3671f_JaffaCakes118
Size

976KB
MD5

5c93aa73603dd026b943dec9b8d3671f
SHA1

80ab2c0cf69afebe371632e71ca1e30d8fc72392
SHA256

d1eed686b11ea0bfba75c88cf70c108c91746da33a51107075c133b2986c5052
SHA512

76df4add93e3613f9c74b8dba5d78a365afc58e8f1b50383c719b152ca6a12423e3980094eba891bc8996fb4b1d5a13c1aa6c4816c664901a3cbc528943cc634
SSDEEP

24576:Ibw5rBjGthTeBGSNVD7kFw4QlNqLPPal+:uwxBtoi+uzz+PPA+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c93aa73603dd026b943dec9b8d3671f_JaffaCakes118

Files

5c93aa73603dd026b943dec9b8d3671f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8c87689dd5386bcac8fafd43b943a4d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiGetClassDevsW
SetupFindFirstLineW
SetupGetLineCountW
CM_Get_Parent_Ex
CM_Get_Parent
CM_Get_Device_ID_ExW
SetupDiGetActualSectionToInstallW
SetupDiSetClassInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDevRegKey
SetupDiGetClassDevsExW
SetupOpenInfFileW
SetupDiEnumDriverInfoW
SetupDiOpenDeviceInterfaceW
SetupDiGetDeviceInstanceIdW
SetupDiOpenDeviceInfoW
SetupDiGetDeviceInfoListDetailW
SetupDiCreateDeviceInfoListExW
SetupDiCreateDeviceInfoList
SetupInstallFromInfSectionW
SetupCloseFileQueue
SetupOpenFileQueue
SetupGetStringFieldW

secur32

FreeContextBuffer
DeleteSecurityContext

msvcrt

_controlfp
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3

kernel32

GetStartupInfoA
GetModuleHandleA
WideCharToMultiByte
MultiByteToWideChar
GetOEMCP
CreateFileW
CreateDirectoryW
GetTempPathW
GetCommandLineW
CreateProcessW
GetSystemTimeAsFileTime
GetSystemTime
CloseHandle
SetEndOfFile
WriteFile
GetFileType
ReleaseSemaphore
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
VirtualAlloc
GetVersion
GetProcAddress

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.i2lohc
Size: 830KB - Virtual size: 830KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c87689dd5386bcac8fafd43b943a4d6

Headers

File Characteristics

Imports

setupapi

secur32

msvcrt

kernel32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 6.7MB

.i2lohc Size: 830KB - Virtual size: 830KB

.rsrc Size: 125KB - Virtual size: 125KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 6.7MB

.i2lohc
Size: 830KB - Virtual size: 830KB

.rsrc
Size: 125KB - Virtual size: 125KB