34a95f6cd7b953e764ee63826cc9963a_JaffaCakes118

General

Target

34a95f6cd7b953e764ee63826cc9963a_JaffaCakes118
Size

183KB
MD5

34a95f6cd7b953e764ee63826cc9963a
SHA1

4b6cd65e6b7d71a113e300da6860b9e243ef8ea1
SHA256

de32b123ab997f15c9f16d3b0ea2b5c1c24c7ef9f1f117e1006293214830e9ff
SHA512

828a542c6d34dd5d545fdd5f2930afb8e056a1719fd77d78d3fd7a683f94acad299a5340cb42be187d20d6bca7185b62d5a1f3d0bee26c7023ee205a4a1437df
SSDEEP

3072:mbnZZ7muTdYwPD3Q4Br7GYt4El+3pyStGEgspA5la1OwifYpLibjwFM3LwVPfEy:QZZiuTdhL35r7VkpJGEgsajclobjAIL1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34a95f6cd7b953e764ee63826cc9963a_JaffaCakes118

Files

34a95f6cd7b953e764ee63826cc9963a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

01e4c8f68b7b3040bd7306773b28193c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

LZClose
LZCopy
LZOpenFileA

advapi32

RegEnumKeyA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueA
RegQueryValueExA
RegEnumKeyExA
RegDeleteKeyA
RegCloseKey

kernel32

GetStringTypeA
TerminateProcess
WriteFile
FreeEnvironmentStringsW
AddAtomW
LCMapStringW
ReadFile
FlushFileBuffers
GetModuleFileNameA
TlsSetValue
GetFullPathNameA
GetStartupInfoA
SetHandleCount
HeapSize
GetEnvironmentStrings
GetFileAttributesA
FreeEnvironmentStringsA
GetCurrentProcess
LCMapStringA
EnumResourceNamesA
GetLocaleInfoA
SetFilePointer
GetStdHandle
TlsGetValue
GetEnvironmentStringsW
CreateFileA
WriteFileGather
UnhandledExceptionFilter
GetThreadLocale
SetStdHandle
SetUnhandledExceptionFilter
GetACP
WideCharToMultiByte
GetVersionExA
GetStringTypeW
VirtualProtect
GetCPInfo
GetFileType
IsBadReadPtr
IsBadCodePtr
FindFirstFileA
GetOEMCP
GetDiskFreeSpaceA

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 93KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01e4c8f68b7b3040bd7306773b28193c

Headers

File Characteristics

Imports

lz32

advapi32

kernel32

setupapi

Sections

.text Size: 93KB - Virtual size: 232KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 86KB - Virtual size: 86KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 93KB - Virtual size: 232KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 86KB - Virtual size: 86KB

.rsrc
Size: 512B - Virtual size: 4KB