388666f5eaf2b32138ecc67d7d468563_JaffaCakes118

General

Target

388666f5eaf2b32138ecc67d7d468563_JaffaCakes118
Size

276KB
MD5

388666f5eaf2b32138ecc67d7d468563
SHA1

08d35065ae53112515ecc1d6222293db4fa2062e
SHA256

18ce111d1e574348f1ecdd79efc1f7cea4960b8d66c936bd4b6e3191dd228ee1
SHA512

e3feda94775895ad5625d2fbdf9c49c9df8a5dfbc7415c11b6542c7c2dde8ad9d91b20a0608c18ea4639b3a3ae69118d4b013868e83154fbc281195fa48870df
SSDEEP

6144:JhaV1cebL7LfL9hERziHyVEHLJUIly1Xr:L0fz9EwyvIU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
388666f5eaf2b32138ecc67d7d468563_JaffaCakes118

Files

388666f5eaf2b32138ecc67d7d468563_JaffaCakes118
.exe windows:4 windows x86 arch:x86

77c0a9e4e3b6dc4868e21e169db6641b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

LZClose
LZCopy
LZOpenFileA

setupapi

CM_Get_Child
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

InitializeCriticalSection
ReadFile
lstrlenA
GetModuleFileNameW
SetFilePointer
GetTempPathA
AddAtomW
GetTickCount
DeleteCriticalSection
GetCurrentProcessId
CreateFileA
CreateFileW
LocalFree
CloseHandle
ReleaseMutex
CopyFileA
VirtualAlloc
GlobalLock
QueryPerformanceCounter
GetSystemTime
GetFileSize
LocalAlloc
EnumResourceNamesA
GetCurrentThreadId
GlobalFree
GlobalUnlock
SetFileAttributesA
WaitForSingleObject
GetVolumeInformationA
VirtualFree
InterlockedIncrement
GetTempFileNameA
GetVersionExA
CheckNameLegalDOS8Dot3W
GetModuleFileNameA
CreateMutexA
GetSystemTimeAsFileTime
Sleep
GetLastError
InterlockedDecrement
DeleteFileA
GetFileAttributesA
CreateDirectoryA
DeviceIoControl
WideCharToMultiByte
DisableThreadLibraryCalls
MultiByteToWideChar
FreeLibrary

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
RegQueryValueA
RegEnumKeyA
RegCloseKey

Sections

.text
Size: 137KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77c0a9e4e3b6dc4868e21e169db6641b

Headers

File Characteristics

Imports

lz32

setupapi

kernel32

advapi32

Sections

.text Size: 137KB - Virtual size: 272KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 135KB - Virtual size: 135KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 137KB - Virtual size: 272KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 135KB - Virtual size: 135KB

.rsrc
Size: 512B - Virtual size: 4KB