3243ee7a2759c47f11173b5b9654c53e_JaffaCakes118

General

Target

3243ee7a2759c47f11173b5b9654c53e_JaffaCakes118
Size

278KB
MD5

3243ee7a2759c47f11173b5b9654c53e
SHA1

d02260163e305fc8d4bc02c97c16128de175e160
SHA256

ab7985e011549f17bfb4a3d2d4385dec35b545d842c8ec8d3c46d0241288c31d
SHA512

d9b3696b7d47aba2dc66d9934aa1368f0532bc383ca868c5ceb06084b4da63be25dce517a32b008ec84adb23452b138b1f7e3ecb5ddbd7bc6be903a64324abd8
SSDEEP

6144:rwmfb9Zz43C+A9cvUEEpXYMSkDZcxOqcDIrM:rwmz9t43CTAM1uZA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3243ee7a2759c47f11173b5b9654c53e_JaffaCakes118

Files

3243ee7a2759c47f11173b5b9654c53e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

208e0e9800f506382bac5fba9b9b7414

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

lstrlenA
SetFilePointer
VirtualProtect
LeaveCriticalSection
GetStringTypeW
AddAtomA
LoadLibraryA
GetProcAddress
LCMapStringA
FreeLibrary
GetOEMCP
GetEnvironmentStringsW
GetLastError
FreeEnvironmentStringsA
WriteFile
GetModuleHandleA
GetCPInfo
FreeEnvironmentStringsW
lstrcmpA
lstrcpynA
GetFullPathNameA
lstrcpyA
IsBadReadPtr
GetStartupInfoA
FindFirstFileA
GetFileAttributesA
EnumResourceNamesW
lstrcatA
CloseHandle
LCMapStringW
Sleep
GetStringTypeA
ReadFile
InitializeCriticalSection
GetCurrentThreadId
WideCharToMultiByte
IsBadCodePtr
SetDllDirectoryW
EnterCriticalSection
SetStdHandle
SetUnhandledExceptionFilter
GetDiskFreeSpaceA
MulDiv
DeleteCriticalSection
GetTickCount
UnhandledExceptionFilter
CreateFileA
MultiByteToWideChar
GetThreadLocale
lstrcmpiA
GetEnvironmentStrings
FlushFileBuffers
RaiseException

Sections

.text
Size: 140KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

208e0e9800f506382bac5fba9b9b7414

Headers

File Characteristics

Imports

setupapi

kernel32

Sections

.text Size: 140KB - Virtual size: 276KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 134KB - Virtual size: 134KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 140KB - Virtual size: 276KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 134KB - Virtual size: 134KB

.rsrc
Size: 512B - Virtual size: 4KB