2be604d590545b8956d98ff18e4722d6_JaffaCakes118

General

Target

2be604d590545b8956d98ff18e4722d6_JaffaCakes118
Size

168KB
MD5

2be604d590545b8956d98ff18e4722d6
SHA1

be04bee0b08a0286a878a7a47b5b253744d71954
SHA256

172678dec1b06c99d936c4f0503f56d9f141f186e2fbe8d6dceff452dfd029b8
SHA512

fe916879973b3871eeca9eaf5b2bd007f5204d10ac9d997e0845f2d407b19c7d4463b0718f5f37eabaa7760cb9a447c863642142d9a419de341daaf307c21afa
SSDEEP

3072:2DaZC93PSV4uUTDq9n8yqVAlFVdfCwkCLNbrsW/BRIf0w:C5G0Dq9n8NmVXkeNft00

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2be604d590545b8956d98ff18e4722d6_JaffaCakes118

Files

2be604d590545b8956d98ff18e4722d6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7e238c7f7ae24b2ee797bae4f832d391

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

advapi32

RegEnumKeyA
RegOpenKeyExA
RegOpenKeyA
RegEnumKeyExA
RegQueryValueExA
RegQueryValueA
RegDeleteKeyA
RegCloseKey

lz32

LZCopy
LZClose
LZOpenFileA

kernel32

GetACP
TerminateProcess
AddAtomW
SetStdHandle
GetStdHandle
SetHandleCount
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetEnvironmentStringsW
FindFirstFileA
FlushFileBuffers
ReadFile
TlsGetValue
GetEnvironmentStrings
GetFileType
GetStartupInfoA
TlsSetValue
GetVersionExA
GetCPInfo
EnumResourceNamesA
WriteFile
SetFilePointer
IsBadReadPtr
GetThreadLocale
CreateFileA
GetOEMCP
WriteFileGather
GetFileAttributesA
LCMapStringW
GetModuleFileNameA
SetUnhandledExceptionFilter
GetLocaleInfoA
FreeEnvironmentStringsW
IsBadCodePtr
LCMapStringA
VirtualProtect
GetCurrentProcess
GetStringTypeA
GetStringTypeW
HeapSize
WideCharToMultiByte
GetFullPathNameA
GetDiskFreeSpaceA

Sections

.text
Size: 88KB - Virtual size: 484KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e238c7f7ae24b2ee797bae4f832d391

Headers

File Characteristics

Imports

setupapi

advapi32

lz32

kernel32

Sections

.text Size: 88KB - Virtual size: 484KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 76KB - Virtual size: 75KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 88KB - Virtual size: 484KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 76KB - Virtual size: 75KB

.rsrc
Size: 512B - Virtual size: 4KB