4cc09b25c9655bd80363240965522813_JaffaCakes118

General

Target

4cc09b25c9655bd80363240965522813_JaffaCakes118
Size

174KB
MD5

4cc09b25c9655bd80363240965522813
SHA1

01b95ebdf7a9836d6dcb7686389797e23ef02f50
SHA256

99dbee4fac757f6a98402e2ac357b85f1e843a4b854fd849e8b3df83aa0f5d56
SHA512

5fc99babd71bf104f150cce8256def9627924c2bbcb596fc84fb81bf98ed1a1b5f96071e20fcb110dda822f4706bb0a05727185266fc6aaa6c66dddc905dd1ee
SSDEEP

3072:Ny2c8ngVXg9BfDxM9NIvp/ZFmnrKefjGMRSZbzjGjzvUzcHnQ:nZgVQfDvhBFmnmefVkzivJH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cc09b25c9655bd80363240965522813_JaffaCakes118

Files

4cc09b25c9655bd80363240965522813_JaffaCakes118
.exe windows:4 windows x86 arch:x86

24296a72e3f272c4ba2298413a423e72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

LZCopy
LZClose
LZOpenFileA

advapi32

RegQueryValueA
RegEnumKeyExA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

kernel32

ReleaseMutex
MultiByteToWideChar
GetSystemTimeAsFileTime
InterlockedIncrement
GetFileSize
AddAtomW
DeviceIoControl
CloseHandle
VirtualFree
GetFileAttributesA
ReadFile
GetSystemTime
LocalFree
SetFileAttributesA
DeleteCriticalSection
GetLastError
DeleteFileA
LocalAlloc
GlobalUnlock
DisableThreadLibraryCalls
CreateDirectoryA
GetTempPathA
InitializeCriticalSection
Sleep
EnumResourceNamesA
GetVolumeInformationA
QueryPerformanceCounter
GetVersionExA
WideCharToMultiByte
GetModuleFileNameA
GetTempFileNameA
CopyFileA
lstrlenA
GetTickCount
CheckNameLegalDOS8Dot3W
CreateFileW
GetModuleFileNameW
GlobalFree
GetCurrentThreadId
VirtualAlloc
CreateFileA
InterlockedDecrement
WaitForSingleObject
GlobalLock
GetCurrentProcessId
CreateMutexA
SetFilePointer
FreeLibrary

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 95KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24296a72e3f272c4ba2298413a423e72

Headers

File Characteristics

Imports

lz32

advapi32

kernel32

setupapi

Sections

.text Size: 95KB - Virtual size: 239KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 75KB - Virtual size: 74KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 95KB - Virtual size: 239KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 75KB - Virtual size: 74KB

.rsrc
Size: 512B - Virtual size: 4KB