4268ef544037beb71d5e85203b5a475c_JaffaCakes118

General

Target

4268ef544037beb71d5e85203b5a475c_JaffaCakes118
Size

183KB
MD5

4268ef544037beb71d5e85203b5a475c
SHA1

33dea78e4b1b94a9d1c1ed85c0a372951b589753
SHA256

6cac711b5a02ba4eaf0699d273e8af4820e9de75b40aec7b2d1585a58ec6a922
SHA512

8eea38d1b5f043f7522f60e69524c1ecc6928b2d029981452570b386399c2977334de6ef349c7482b3566897c1ae647659763c0ebaaf2daa3af062717bf74dba
SSDEEP

3072:BMHluaTirjhnaS4r8FmEBZ+LeV/1fB1AZ20q/Qqa91p9bezzSUVhn4c0VCig:B6luaerxN4S3ZpDJQgQB2zmrP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4268ef544037beb71d5e85203b5a475c_JaffaCakes118

Files

4268ef544037beb71d5e85203b5a475c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c3cef2c044d71c515df0981385903d01

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

LZClose
LZCopy
LZOpenFileA

kernel32

ReadFile
GetModuleFileNameA
GetLastError
GetSystemTimeAsFileTime
GetTickCount
CreateFileA
AddAtomW
InitializeCriticalSection
DeleteFileA
GetTempPathA
SetFileAttributesA
GlobalUnlock
GetFileAttributesA
QueryPerformanceCounter
InterlockedDecrement
CreateFileW
CreateDirectoryA
GetCurrentProcessId
lstrlenA
InterlockedIncrement
GetCurrentThreadId
LocalFree
GetVersionExA
WaitForSingleObject
EnumResourceNamesA
WideCharToMultiByte
Sleep
GlobalLock
ReleaseMutex
MultiByteToWideChar
GetSystemTime
DisableThreadLibraryCalls
FindResourceA
DeleteCriticalSection
VirtualAlloc
DeviceIoControl
GetVolumeInformationA
GetModuleFileNameW
SetFilePointer
CopyFileA
GetTempFileNameA
CreateMutexA
VirtualFree
GlobalFree
GetFileSize
CloseHandle
LocalAlloc
FreeLibrary

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueExA
RegOpenKeyA
RegQueryValueA
RegCloseKey

setupapi

CM_Get_Child
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 93KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3cef2c044d71c515df0981385903d01

Headers

File Characteristics

Imports

lz32

kernel32

advapi32

setupapi

Sections

.text Size: 93KB - Virtual size: 233KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 86KB - Virtual size: 85KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 93KB - Virtual size: 233KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 86KB - Virtual size: 85KB

.rsrc
Size: 512B - Virtual size: 4KB