3e20d7d578908131239764057bf4dac1_JaffaCakes118

General

Target

3e20d7d578908131239764057bf4dac1_JaffaCakes118
Size

278KB
MD5

3e20d7d578908131239764057bf4dac1
SHA1

116a3f9da9e4907c42922af47f97116730e2146f
SHA256

81f2983b97ab9dea0859d98c5f25cd0915737fc600d9753bfd5c1859236ddf09
SHA512

6693a2e2c21ea2176a383b9c6786870847eb12e5ece79eb8ffe2c2564952bc6cadef5f845cfd21bd94a14cb35ab8a908da942b581f8173ac66f093f3da17e19e
SSDEEP

6144:Bifu4jxdvpJqLg3sHjq665fyFJI4+5+2U4y4FB:DYvvpmzuyr+16yB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e20d7d578908131239764057bf4dac1_JaffaCakes118

Files

3e20d7d578908131239764057bf4dac1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b2ef5d0a9fe4bef0f230169cadd920aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyExA
RegQueryValueExA
RegEnumKeyA
RegOpenKeyExA
RegCloseKey

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

lz32

LZClose
LZCopy
LZOpenFileA

kernel32

CloseHandle
GetSystemDirectoryW
ResetEvent
LocalAlloc
AddAtomW
FileTimeToLocalFileTime
WriteConsoleW
CreateDirectoryW
GetEnvironmentVariableW
LocalFree
GetCommandLineA
CreateThread
MapViewOfFile
LoadLibraryExW
UnmapViewOfFile
GetVersionExW
CopyFileW
GetTempPathW
EnumResourceNamesA
GetModuleHandleW
CreateFileMappingA
SetEvent
DeleteFileW
GetCurrentThreadId
WaitForSingleObject
MoveFileExW
WriteFileGather
CreateFileW
CreateProcessW
GetFileAttributesW
CreateEventA
CreateWaitableTimerA
FileTimeToSystemTime
GetSystemTime
SetFileAttributesW
GetExitCodeProcess
CreateFileA

Sections

.text
Size: 138KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b2ef5d0a9fe4bef0f230169cadd920aa

Headers

File Characteristics

Imports

advapi32

setupapi

lz32

kernel32

Sections

.text Size: 138KB - Virtual size: 270KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 136KB - Virtual size: 136KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 138KB - Virtual size: 270KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 136KB - Virtual size: 136KB

.rsrc
Size: 512B - Virtual size: 4KB