28d2e7f1a3eb0fb20849e75d90a46e00_JaffaCakes118

General

Target

28d2e7f1a3eb0fb20849e75d90a46e00_JaffaCakes118
Size

174KB
MD5

28d2e7f1a3eb0fb20849e75d90a46e00
SHA1

54f9679bdd59717d81d9abb8260677bba792250d
SHA256

12017b327f22f03b1b3b334c29035f0f49b4d9bccea51d2e62188de45c840f57
SHA512

02500f9b58fdf924bd41221ec0cd0301a7c8647eaffc8d17434d0ed4670d7c47a8a975974779a5603151b7a03bde22c52fc6cce4a55da823f6c5923d4fda5ca9
SSDEEP

3072:c65j3i+CNfYzPvvZ88gCH+S5/946iRBbs7qe756xNcvCupCkkYbJKog6NSLkVF1H:cL2zvZ8z43wRBbsGky7zsVF1IL+tWB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28d2e7f1a3eb0fb20849e75d90a46e00_JaffaCakes118

Files

28d2e7f1a3eb0fb20849e75d90a46e00_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bf241a71db5053cf2cfc6155705ec47d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

AddAtomW
GetSystemTimeAsFileTime
MultiByteToWideChar
CreateMutexA
GetVolumeInformationA
ReleaseMutex
GetLastError
CreateFileW
CloseHandle
GetVersionExA
CopyFileA
GetCurrentProcessId
GetModuleFileNameA
GetFileAttributesA
LocalAlloc
GlobalFree
CreateDirectoryA
InterlockedIncrement
SetFileAttributesA
VirtualAlloc
GetSystemTime
lstrlenA
CreateFileA
DisableThreadLibraryCalls
GlobalLock
Sleep
SetFilePointer
EnumResourceNamesA
ReadFile
LocalFree
GetTickCount
DeleteCriticalSection
DeleteFileA
CheckNameLegalDOS8Dot3W
GlobalUnlock
WaitForSingleObject
DeviceIoControl
GetFileSize
InterlockedDecrement
GetTempFileNameA
GetCurrentThreadId
WideCharToMultiByte
QueryPerformanceCounter
GetTempPathA
VirtualFree
InitializeCriticalSection
GetModuleFileNameW
FreeLibrary

advapi32

RegOpenKeyA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueA
RegCloseKey

lz32

LZClose
LZCopy
LZOpenFileA

Sections

.text
Size: 94KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf241a71db5053cf2cfc6155705ec47d

Headers

File Characteristics

Imports

setupapi

kernel32

advapi32

lz32

Sections

.text Size: 94KB - Virtual size: 238KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 76KB - Virtual size: 75KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 94KB - Virtual size: 238KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 76KB - Virtual size: 75KB

.rsrc
Size: 512B - Virtual size: 4KB