5afb6f3d689edde0ceb5a75244c06f1e_JaffaCakes118

General

Target

5afb6f3d689edde0ceb5a75244c06f1e_JaffaCakes118
Size

268KB
MD5

5afb6f3d689edde0ceb5a75244c06f1e
SHA1

3edc9d96f363abc4299149c7543900e9d9d2d4ee
SHA256

a30290fc1db13f97e76f19e5bb36b566522c89f693a52685417eed3f6976c677
SHA512

5af05b1d11d6824964e57081a2216efa97d5eaceffb59436b1267e336cc58d03c3041ca4f81bd54635df7371b7190b15c7a9645ac50dd306ed6274711495ddc1
SSDEEP

6144:wH6+w4pS7/m7mWdXnrYJpwH9dsFIujPDL+kNrRWGxs:GZg7+7mWJYJpy9DujdNrRBx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5afb6f3d689edde0ceb5a75244c06f1e_JaffaCakes118

Files

5afb6f3d689edde0ceb5a75244c06f1e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

19652999371ccfdb85b89ab616fe090c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
SetFilePointer
AddAtomA
LoadLibraryA
UnhandledExceptionFilter
GetEnvironmentStringsW
FindFirstFileA
DeleteCriticalSection
Sleep
SetUnhandledExceptionFilter
GetCPInfo
CreateFileA
LCMapStringA
MultiByteToWideChar
lstrcmpA
WriteFile
FlushFileBuffers
EnterCriticalSection
IsBadReadPtr
FreeEnvironmentStringsA
LeaveCriticalSection
lstrlenA
EnumResourceNamesW
GetProcAddress
FreeEnvironmentStringsW
VirtualProtect
lstrcpynA
GetStartupInfoA
GetLastError
CloseHandle
MulDiv
InitializeCriticalSection
WideCharToMultiByte
GetFileAttributesA
GetTickCount
GetEnvironmentStrings
GetStringTypeW
GetDiskFreeSpaceA
lstrlenA
GetThreadLocale
GetOEMCP
GetStringTypeA
FreeLibrary
IsBadCodePtr
lstrcmpiA
GetModuleHandleA
GetCurrentThreadId
LCMapStringW
lstrcatA
GetFullPathNameA
SetStdHandle
ReadFile
RaiseException

setupapi

CM_Get_Global_State
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 132KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19652999371ccfdb85b89ab616fe090c

Headers

File Characteristics

Imports

kernel32

setupapi

Sections

.text Size: 132KB - Virtual size: 276KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 132KB - Virtual size: 132KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 132KB - Virtual size: 276KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 132KB - Virtual size: 132KB

.rsrc
Size: 512B - Virtual size: 4KB