1985e8c1265e1c40cbf3460c9c1a5428_JaffaCakes118

General

Target

1985e8c1265e1c40cbf3460c9c1a5428_JaffaCakes118
Size

173KB
MD5

1985e8c1265e1c40cbf3460c9c1a5428
SHA1

c9d64eef3cbf2a9dbe5edc9e6393a9c6c206d328
SHA256

9baf837e7e0a06d3ba02f80a415981e77f496f9b0fb5cba5853c38aa8c226365
SHA512

d1bffcb6b2fcffe5c41ca742346f21c0d1f2151fcbd5f780d856b316c70806fa85eb031f41408d7f9476249ac797381a5cd521f69a9d3f0fcb9415d6c476e49c
SSDEEP

3072:SoU7lwjWy3SX2n0skRE1ccSeRv+78vTU+Nd9tLw+5namdByUA5EQSB:ovy3SXI0sicRuwT5XS8a2Imd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1985e8c1265e1c40cbf3460c9c1a5428_JaffaCakes118

Files

1985e8c1265e1c40cbf3460c9c1a5428_JaffaCakes118
.exe windows:4 windows x86 arch:x86

11ad0c71fc87be6ae7a882d463141676

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
AddAtomW
CloseHandle
QueryPerformanceCounter
Sleep
InterlockedDecrement
CreateFileW
MultiByteToWideChar
WideCharToMultiByte
GetVersionExA
DeleteFileA
GlobalUnlock
CreateDirectoryA
SetFilePointer
GetFileAttributesA
GetSystemTimeAsFileTime
GetVolumeInformationA
GlobalLock
InitializeCriticalSection
GetLastError
GetCurrentProcessId
GetCurrentThreadId
EnumResourceNamesA
LocalAlloc
GetFileSize
SetFileAttributesA
DisableThreadLibraryCalls
GetTickCount
lstrlenA
GetTempPathA
CreateFileA
VirtualFree
ReadFile
ReleaseMutex
CopyFileA
FindResourceA
DeleteCriticalSection
InterlockedIncrement
CreateMutexA
GetModuleFileNameW
WaitForSingleObject
GetModuleFileNameA
DeviceIoControl
VirtualAlloc
GetSystemTime
GetTempFileNameA
LocalFree
FreeLibrary

setupapi

CM_Get_Child
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

advapi32

RegQueryValueA
RegOpenKeyExA
RegEnumKeyExA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
RegCloseKey

lz32

LZClose
LZCopy
LZOpenFileA

Sections

.text
Size: 90KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11ad0c71fc87be6ae7a882d463141676

Headers

File Characteristics

Imports

kernel32

setupapi

advapi32

lz32

Sections

.text Size: 90KB - Virtual size: 234KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 79KB - Virtual size: 78KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 90KB - Virtual size: 234KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 512B - Virtual size: 4KB