4677b127573f931acafba19e3af79273_JaffaCakes118

General

Target

4677b127573f931acafba19e3af79273_JaffaCakes118
Size

172KB
MD5

4677b127573f931acafba19e3af79273
SHA1

0458cafb4516bb784b3dab8862aaa5cf65635cdf
SHA256

79a8f116ed1071aceaf19416d288409a9e174ee3dad16a844fad2c11fe8fe01d
SHA512

e68a5a577d4a1f95196254de607147d9e320b6cfb7a23a4e787e3e0c1cefe17e43b977f3fe0bde3ce0b33719374d84e3139f8f4f8ad0c21cd2d461cbef8c2387
SSDEEP

3072:Y9imFbka/K+VOKMeae1b0RSnjBNYHiNzaybgW9PBJJQGqPxiX:Y9/b0+0Ktae1b0mBNYHihaykE1+x0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4677b127573f931acafba19e3af79273_JaffaCakes118

Files

4677b127573f931acafba19e3af79273_JaffaCakes118
.exe windows:4 windows x86 arch:x86

066d41aaf002efd8ab56e1020194c7b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA

ole32

StgCreateDocfile
StgOpenStorage

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

kernel32

MultiByteToWideChar
InitializeCriticalSection
GetSystemTimeAsFileTime
GetShortPathNameA
InterlockedDecrement
GetACP
lstrlenW
GetLastError
GetLocaleInfoA
CloseHandle
UnhandledExceptionFilter
GetProcessWorkingSetSize
LeaveCriticalSection
InterlockedIncrement
WideCharToMultiByte
LocalFree
GetThreadLocale
EnumResourceTypesA
IsBadReadPtr
IsBadWritePtr
FreeLibrary
SetUnhandledExceptionFilter
GetCurrentProcessId
CreateFileA
GetProcAddress
GetModuleHandleA
GetFileAttributesA
ExitProcess
EnterCriticalSection
QueryPerformanceCounter
DeleteCriticalSection
GetCurrentThreadId
GetTickCount
InterlockedExchange
LoadLibraryA
lstrlenA
IsDebuggerPresent
GetVersionExA

shell32

SHGetSpecialFolderPathA

user32

wsprintfA
wsprintfW

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

066d41aaf002efd8ab56e1020194c7b5

Headers

File Characteristics

Imports

advapi32

ole32

setupapi

kernel32

shell32

user32

Sections

.text Size: 99KB - Virtual size: 98KB

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: 69KB - Virtual size: 69KB

.edata Size: 1024B - Virtual size: 96KB

.text
Size: 99KB - Virtual size: 98KB

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: 69KB - Virtual size: 69KB

.edata
Size: 1024B - Virtual size: 96KB