42a2b439a05f41500fa2d8099a6628a0_JaffaCakes118

General

Target

42a2b439a05f41500fa2d8099a6628a0_JaffaCakes118
Size

184KB
MD5

42a2b439a05f41500fa2d8099a6628a0
SHA1

1697aa8262176e601acba78a44dc8443ffb7f3a9
SHA256

8639c2540a94f0055764ef4051851486239f1ac8557851d050e2489b35f45128
SHA512

6a46e4fef759989ef218d3ff0f029fd0ab30227b362405de3d5b6e117bb0e5fd38a178ab4a48764f4d289dc8b455505919d397ef081f1e1d6a52550ebb09de8f
SSDEEP

3072:vzEeqeVyYQc9J9AVO4kACJgldt8tMIeo4PIxavDmMiHRP+i4EMAAbhSyr7q8/ahH:v1V5QyJD47p5lIB4PsJMiHhH8Syv2h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42a2b439a05f41500fa2d8099a6628a0_JaffaCakes118

Files

42a2b439a05f41500fa2d8099a6628a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

124ebe7f28fbb1da02748172808ff11a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

LZClose
LZCopy
LZOpenFileA

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegQueryValueA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegEnumKeyA
RegCloseKey

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

SetEvent
GetTempPathW
CreateEventA
AddAtomW
GetFileAttributesW
GetVersionExW
GetEnvironmentVariableW
FileTimeToLocalFileTime
UnmapViewOfFile
GetSystemTime
CloseHandle
CreateProcessW
WriteConsoleW
GetExitCodeProcess
ResetEvent
GetCurrentThreadId
FileTimeToSystemTime
GetCommandLineA
CopyFileW
EnumResourceNamesA
CreateDirectoryW
LocalAlloc
DeleteFileW
CreateThread
MoveFileExW
LoadLibraryExW
MapViewOfFile
GetSystemDirectoryW
WriteFileGather
GetModuleHandleW
SetFileAttributesW
WaitForSingleObject
LocalFree
CreateFileMappingA
CreateWaitableTimerA
CreateFileW
CreateFileA

Sections

.text
Size: 95KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

124ebe7f28fbb1da02748172808ff11a

Headers

File Characteristics

Imports

lz32

advapi32

setupapi

kernel32

Sections

.text Size: 95KB - Virtual size: 238KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 86KB - Virtual size: 85KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 95KB - Virtual size: 238KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 86KB - Virtual size: 85KB

.rsrc
Size: 512B - Virtual size: 4KB