448877ba39c96c4d1fa3af43c3a1a14f_JaffaCakes118

General

Target

448877ba39c96c4d1fa3af43c3a1a14f_JaffaCakes118
Size

170KB
MD5

448877ba39c96c4d1fa3af43c3a1a14f
SHA1

8f426c28b216bbff0e85403c042f29377bd7b526
SHA256

ca29065f3a73c0d794514d8296b88ff9831b2be4421bc1c6d6e80040dfcf41cb
SHA512

6f045b2d87e72308f4c1441b3c3a8e66b90af96b29768da6c00da45a9c01598979569ae3082e84cc89ce3802eef00630634c7b6e596737a0587e6dc8193604c8
SSDEEP

3072:WAIuhOk/Gp5ZEb/wmZEvu4PsgJtckPimCF//QCB5r4rVPgVfbsWleU:W4hOkeREDw2EvVNPimCF/IqGtKg1U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
448877ba39c96c4d1fa3af43c3a1a14f_JaffaCakes118

Files

448877ba39c96c4d1fa3af43c3a1a14f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

23fbca2a5808637ffd1f76b45fe63aa9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA
wsprintfW

ole32

StgCreateDocfile
StgOpenStorage

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

kernel32

GetACP
GetShortPathNameA
InterlockedIncrement
LeaveCriticalSection
QueryPerformanceCounter
GetModuleHandleA
GetLocaleInfoA
InitializeCriticalSection
GetProcessHandleCount
GetThreadLocale
IsDebuggerPresent
LoadLibraryA
GetCurrentThreadId
lstrlenA
GetProcAddress
EnterCriticalSection
DeleteCriticalSection
UnhandledExceptionFilter
LocalFree
InterlockedExchange
EnumResourceTypesA
GetSystemTimeAsFileTime
lstrlenW
MultiByteToWideChar
GetCurrentProcessId
CloseHandle
InterlockedDecrement
GetTickCount
GetFileAttributesA
ExitProcess
WideCharToMultiByte
SetUnhandledExceptionFilter
GetLastError
CreateFileA
IsBadWritePtr
IsBadReadPtr
FreeLibrary
GetVersionExA

shell32

SHGetSpecialFolderPathA

advapi32

RegQueryValueExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23fbca2a5808637ffd1f76b45fe63aa9

Headers

File Characteristics

Imports

user32

ole32

setupapi

kernel32

shell32

advapi32

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: 71KB - Virtual size: 70KB

.edata Size: 1024B - Virtual size: 96KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: 71KB - Virtual size: 70KB

.edata
Size: 1024B - Virtual size: 96KB