166f1738bc53311af4f85d3e6d53b4b8_JaffaCakes118

General

Target

166f1738bc53311af4f85d3e6d53b4b8_JaffaCakes118
Size

186KB
MD5

166f1738bc53311af4f85d3e6d53b4b8
SHA1

f9b5ea46677cea73f6e42fd548f666175b8cf750
SHA256

447b9983323ad77427e248eaabbf6d3b21fa7dfee8d80675c611be30bc518707
SHA512

99b358083e6f1d3e33f390dd279aec6d01fa93e7980af90e84b9580a89153ddfbaf93f437aa607b5f1be9212b297b39baa47052fca45971aa8eb91f6f1fbbca2
SSDEEP

3072:Il2/Nk73mJTZ5mrzv9ktvvZMJLbKSAc00mYSgur3pPrttO4l9ccgqRPtwa93AcJs:rHTSvFkVM24Jur3p3UJ6twu3Aca

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
166f1738bc53311af4f85d3e6d53b4b8_JaffaCakes118

Files

166f1738bc53311af4f85d3e6d53b4b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fd399989c2cc9a9fde8388a03f12703

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Global_State
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

WriteFile
GetProcAddress
GetLastError
GetStartupInfoA
EnterCriticalSection
FlushFileBuffers
GetFullPathNameA
AddAtomA
lstrcatA
GetStringTypeA
LCMapStringW
GetCPInfo
lstrcmpA
DeleteCriticalSection
lstrlenA
FreeLibrary
SetUnhandledExceptionFilter
SetFilePointer
lstrcpynA
MulDiv
lstrcpyA
GetCurrentThreadId
GetTickCount
ReadFile
FreeEnvironmentStringsA
IsBadReadPtr
GetDiskFreeSpaceA
lstrcmpiA
LCMapStringA
VirtualProtect
Sleep
EnumResourceNamesW
MultiByteToWideChar
GetEnvironmentStrings
LoadLibraryA
GetThreadLocale
UnhandledExceptionFilter
FreeEnvironmentStringsW
CreateFileA
FindFirstFileA
GetEnvironmentStringsW
lstrlenW
SetStdHandle
GetOEMCP
InitializeCriticalSection
CloseHandle
GetModuleHandleA
LeaveCriticalSection
WideCharToMultiByte
GetFileAttributesA
IsBadCodePtr
GetStringTypeW
RaiseException

Sections

.text
Size: 101KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fd399989c2cc9a9fde8388a03f12703

Headers

File Characteristics

Imports

setupapi

kernel32

Sections

.text Size: 101KB - Virtual size: 244KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 81KB - Virtual size: 81KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 101KB - Virtual size: 244KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 81KB - Virtual size: 81KB

.rsrc
Size: 512B - Virtual size: 4KB