4718698c348760bb33f153f7ad86dfaa_JaffaCakes118

General

Target

4718698c348760bb33f153f7ad86dfaa_JaffaCakes118
Size

279KB
MD5

4718698c348760bb33f153f7ad86dfaa
SHA1

5aadb2555ab8ed5884f89b17a7a07de4a8155d8e
SHA256

395d442b44a1435eb83aef62c001e838cb413cb8181f2b96d553fdc434bad211
SHA512

517ead1c4484ffdf691e406731ee02674ae7aec834a08f5a570cd5f12cbbd076ec66b1518c68f844d990fa457f1ed2d6b5e77157474f2e576f212a885214090e
SSDEEP

6144:VHGmjHFVpUb/bVUzDHx3DVShmT1JXQpnvMHUBkTEOnEj0:5GYlkbxUXxDrRJyN+Bnj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4718698c348760bb33f153f7ad86dfaa_JaffaCakes118

Files

4718698c348760bb33f153f7ad86dfaa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

552c2fca47617be2f351160826cdb561

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

FlushFileBuffers
EnterCriticalSection
GetStringTypeA
WideCharToMultiByte
AddAtomA
FreeLibrary
lstrcmpA
GetThreadLocale
Sleep
lstrcpyA
GetModuleHandleA
GetDiskFreeSpaceA
GetCurrentThreadId
CloseHandle
GetTickCount
IsBadCodePtr
ReadFile
WriteFile
lstrcpynA
UnhandledExceptionFilter
InitializeCriticalSection
FreeEnvironmentStringsA
LeaveCriticalSection
EnumResourceNamesW
GetLastError
SetFilePointer
GetStringTypeW
LCMapStringW
GetOEMCP
FreeEnvironmentStringsW
CreateFileA
GetCPInfo
LCMapStringA
GetFullPathNameA
MulDiv
SetUnhandledExceptionFilter
SetDllDirectoryW
DeleteCriticalSection
lstrlenA
lstrcatA
LoadLibraryA
GetProcAddress
GetFileAttributesA
SetStdHandle
FindFirstFileA
GetEnvironmentStringsW
IsBadReadPtr
GetStartupInfoA
lstrcmpiA
GetEnvironmentStrings
MultiByteToWideChar
VirtualProtect
RaiseException

Sections

.text
Size: 145KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

552c2fca47617be2f351160826cdb561

Headers

File Characteristics

Imports

setupapi

kernel32

Sections

.text Size: 145KB - Virtual size: 280KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 131KB - Virtual size: 130KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 145KB - Virtual size: 280KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 131KB - Virtual size: 130KB

.rsrc
Size: 512B - Virtual size: 4KB