6195acf1276a635931023527106ab275_JaffaCakes118

General

Target

6195acf1276a635931023527106ab275_JaffaCakes118
Size

174KB
MD5

6195acf1276a635931023527106ab275
SHA1

9ef67158422cc40b50f6ef6b10ea3a4548073a36
SHA256

c87fe3aa8653b04774e78ab10cafc962c1928c0fd57e279b294c04f73edd601f
SHA512

81023e735bf3c82aa3162b938b842e2195c075158072071dfbcd0ac25c18c322ba04d96ebee5f1f4ff4449261e031c5c012139dd37352d758a08e4673e9a24a2
SSDEEP

3072:x29nzf1mnZ6JlLpk6IiB9wDl1iD7oV5IoCyPXWR/3QhqjcH:49nz7prB9wDl1iDUf8yPGR/3Qh8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6195acf1276a635931023527106ab275_JaffaCakes118

Files

6195acf1276a635931023527106ab275_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b15d38d632bc6178da6a45bcc895c737

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

advapi32

RegEnumKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyA
RegQueryValueA
RegCloseKey

lz32

LZCopy
LZClose
LZOpenFileA

kernel32

GlobalFree
CreateFileA
ReleaseMutex
CopyFileA
AddAtomW
GetSystemTime
Sleep
GetFileAttributesA
GetModuleFileNameA
VirtualAlloc
GlobalUnlock
QueryPerformanceCounter
CreateDirectoryA
LocalFree
DeleteFileA
lstrlenA
CreateFileW
GetSystemTimeAsFileTime
GetModuleFileNameW
LocalAlloc
CloseHandle
GlobalLock
EnumResourceNamesA
GetTempFileNameA
SetFileAttributesA
InterlockedDecrement
GetVersionExA
GetVolumeInformationA
GetFileSize
DisableThreadLibraryCalls
WideCharToMultiByte
SetFilePointer
CreateMutexA
CheckNameLegalDOS8Dot3W
VirtualFree
GetCurrentProcessId
ReadFile
MultiByteToWideChar
GetLastError
GetTempPathA
DeleteCriticalSection
DeviceIoControl
InterlockedIncrement
GetCurrentThreadId
GetTickCount
WaitForSingleObject
InitializeCriticalSection
FreeLibrary

Sections

.text
Size: 93KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b15d38d632bc6178da6a45bcc895c737

Headers

File Characteristics

Imports

setupapi

advapi32

lz32

kernel32

Sections

.text Size: 93KB - Virtual size: 233KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 77KB - Virtual size: 76KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 93KB - Virtual size: 233KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 77KB - Virtual size: 76KB

.rsrc
Size: 512B - Virtual size: 4KB