172bebbf727bb8de191e993e148238d5_JaffaCakes118

General

Target

172bebbf727bb8de191e993e148238d5_JaffaCakes118
Size

178KB
MD5

172bebbf727bb8de191e993e148238d5
SHA1

492d0dda54ec43c9bfdab6f48cf0e972287f268a
SHA256

6f5278d01ef0ac133cf44d8136c83441ba4d9dc228a84ae80dd17eb68229ca7d
SHA512

952adcb1d04a55d308e5ff5cb6bd0990e9ccf06fe456862ce2532a57bd486f509dc9838ea34c4e2e386ce5f1c60d738fa9446a4b3f55f0022bae483357689346
SSDEEP

3072:PNiOqGy4IVxnVIcNW9DMevMr9nY99i2W28FEv21XNrkAC2H5SrIxkBYehI/AJzPE:FiOdxIFI7B/Mr9nYbi218dXBkO5+3FIO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
172bebbf727bb8de191e993e148238d5_JaffaCakes118

Files

172bebbf727bb8de191e993e148238d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e5ae671b97b7e0572b04b1f5cde5ceb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ReadFile
GetFullPathNameA
GetOEMCP
lstrcpyA
GetEnvironmentStrings
VirtualProtect
AddAtomA
GetStartupInfoA
FlushFileBuffers
WideCharToMultiByte
lstrcatA
GetStringTypeA
GetProcAddress
DeleteCriticalSection
lstrcmpiA
EnterCriticalSection
GetEnvironmentStringsW
lstrlenA
IsBadReadPtr
FreeLibrary
CreateFileA
LoadLibraryA
GetModuleHandleA
Sleep
EnumResourceNamesW
WriteFile
GetDiskFreeSpaceA
FreeEnvironmentStringsA
InitializeCriticalSection
GetCPInfo
GetCurrentThreadId
GetStringTypeW
SetStdHandle
IsBadCodePtr
GetFileAttributesA
lstrlenA
LCMapStringA
FindFirstFileA
MulDiv
lstrcpynA
MultiByteToWideChar
LeaveCriticalSection
LCMapStringW
GetTickCount
GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetThreadLocale
SetFilePointer
lstrcmpA
FreeEnvironmentStringsW
RaiseException

setupapi

CM_Get_Global_State
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 93KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e5ae671b97b7e0572b04b1f5cde5ceb

Headers

File Characteristics

Imports

kernel32

setupapi

Sections

.text Size: 93KB - Virtual size: 244KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 82KB - Virtual size: 81KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 93KB - Virtual size: 244KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 82KB - Virtual size: 81KB

.rsrc
Size: 512B - Virtual size: 4KB