0e01fafd9de1d319306763f794bea644_JaffaCakes118

General

Target

0e01fafd9de1d319306763f794bea644_JaffaCakes118
Size

284KB
MD5

0e01fafd9de1d319306763f794bea644
SHA1

51aa1327daaf4e7150e3494626e565bd2ee67789
SHA256

cf348dba3d725d701556ed073ff7deae7a6216443602d2c6bb85f5906eda7d75
SHA512

7a7ccc7980321be0142e2f3a4a2c9450eec7181f1c7d4273ae8ea4c40d8eeaea13f70c2fca4bce46b662bdb236c02a89f2450ba3ac1bd442bbc55b114a0136a3
SSDEEP

6144:WLsb6mIaJPvPukx4EPdb+CD4rowvAErbMuHl5K1LS4LhZYv7:CsHIaJWkx4EPEXRM/L7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e01fafd9de1d319306763f794bea644_JaffaCakes118

Files

0e01fafd9de1d319306763f794bea644_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b8a580f1d6ee28c400aa68cb8d68a5b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
GetFileAttributesA
FlushFileBuffers
UnhandledExceptionFilter
GetStartupInfoA
AddAtomA
lstrcmpiA
lstrcpyA
InitializeCriticalSection
GetFullPathNameA
VirtualProtect
CloseHandle
GetCurrentThreadId
LCMapStringA
GetStringTypeW
lstrcatA
GetEnvironmentStrings
FindFirstFileA
LCMapStringW
DeleteCriticalSection
lstrcmpA
GetProcAddress
MultiByteToWideChar
GetTickCount
IsBadCodePtr
GetLastError
GetDiskFreeSpaceA
EnumResourceNamesW
CreateFileA
EnterCriticalSection
WriteFile
ReadFile
SetFilePointer
FreeEnvironmentStringsW
LoadLibraryA
lstrlenA
GetThreadLocale
IsBadReadPtr
GetModuleHandleA
lstrlenW
FreeLibrary
GetEnvironmentStringsW
GetCPInfo
LeaveCriticalSection
FreeEnvironmentStringsA
WideCharToMultiByte
SetUnhandledExceptionFilter
Sleep
SetStdHandle
GetOEMCP
GetStringTypeA
MulDiv
RaiseException

setupapi

CM_Get_Global_State
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 153KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b8a580f1d6ee28c400aa68cb8d68a5b7

Headers

File Characteristics

Imports

kernel32

setupapi

Sections

.text Size: 153KB - Virtual size: 288KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 127KB - Virtual size: 127KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 153KB - Virtual size: 288KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 127KB - Virtual size: 127KB

.rsrc
Size: 512B - Virtual size: 4KB