29cc2123064149e76450099e7b7e7470_JaffaCakes118

General

Target

29cc2123064149e76450099e7b7e7470_JaffaCakes118
Size

170KB
MD5

29cc2123064149e76450099e7b7e7470
SHA1

6798579b74b7b5f76c48d8f5f6b82886e35c2516
SHA256

d27d075112447fc8fbe31175a76033e081e1af62bf9474b5f1681cbd324ee096
SHA512

0eac50143e71be637dd6372a3e679171d8dbcf349d8b55f67eb83987081b296a82922fbf37c6abd111ac8c7da0badb4255176b6a00e0e0f007cf5079859d9781
SSDEEP

3072:XE47GfUBx4WoEwM14ZwxQk64kBSRIapR7qur+qhqPgG4rr1adkOqM5MQE:07fkKhe1iwCkSBFa+G8Pg1adQMGQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29cc2123064149e76450099e7b7e7470_JaffaCakes118

Files

29cc2123064149e76450099e7b7e7470_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f7498bac61ba485c4a35e5ae68197390

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
IsBadCodePtr
GetStartupInfoA
GetTickCount
LeaveCriticalSection
GetProcAddress
GetFileAttributesA
lstrcpyA
AddAtomA
FreeEnvironmentStringsW
FreeLibrary
VirtualProtect
IsBadReadPtr
Sleep
ReadFile
SetUnhandledExceptionFilter
SetFilePointer
GetThreadLocale
GetModuleHandleA
lstrcatA
WideCharToMultiByte
LoadLibraryA
InitializeCriticalSection
CreateFileA
FindFirstFileA
EnumResourceNamesW
GetEnvironmentStrings
GetLastError
LCMapStringW
GetEnvironmentStringsW
GetStringTypeW
DeleteCriticalSection
CloseHandle
GetFullPathNameA
GetCPInfo
GetOEMCP
MultiByteToWideChar
MulDiv
FlushFileBuffers
FreeEnvironmentStringsA
SetDllDirectoryW
WriteFile
EnterCriticalSection
lstrlenA
lstrcmpiA
GetDiskFreeSpaceA
GetCurrentThreadId
lstrcpynA
LCMapStringA
lstrcmpA
GetStringTypeA
UnhandledExceptionFilter
RaiseException

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 93KB - Virtual size: 489KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7498bac61ba485c4a35e5ae68197390

Headers

File Characteristics

Imports

kernel32

setupapi

Sections

.text Size: 93KB - Virtual size: 489KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 73KB - Virtual size: 72KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 93KB - Virtual size: 489KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 73KB - Virtual size: 72KB

.rsrc
Size: 512B - Virtual size: 4KB