62a0de16b0317bd4754a272f0532132c_JaffaCakes118

General

Target

62a0de16b0317bd4754a272f0532132c_JaffaCakes118
Size

167KB
MD5

62a0de16b0317bd4754a272f0532132c
SHA1

c96d831bc485046dbc3fbddb7235f5289e242f6f
SHA256

5410a0fe489bef3854521c3cbe32959453b0f2ee548a39f95c34a8662adc9575
SHA512

5e368032520ff41d10fe6e4c336eba2975b6f5ea820b2b1b163a78fe82f88d22b4ead5349c24e652b1768322368b8683c939138d3fd31384d68e922f9c953e61
SSDEEP

3072:z7Cxm8T68RSUHosLgBdJWoL06PAG1lDejbBBCwUIxn36kcYh1bvlIzQSH:By68RdI+gooL06PAGOPBTDn36kc2vldS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62a0de16b0317bd4754a272f0532132c_JaffaCakes118

Files

62a0de16b0317bd4754a272f0532132c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

50fb63cc32f15fda3605536cb59d407c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

UnhandledExceptionFilter
WideCharToMultiByte
GetCPInfo
AddAtomW
SetFilePointer
GetEnvironmentStrings
GetStartupInfoA
WriteFile
ReadFile
LCMapStringW
IsBadCodePtr
CreateFileA
GetACP
SetHandleCount
GetStdHandle
GetStringTypeW
FreeEnvironmentStringsA
GetCurrentProcess
GetOEMCP
TerminateProcess
EnumResourceNamesA
GetStringTypeA
TlsSetValue
SetStdHandle
FreeEnvironmentStringsW
GetLocaleInfoA
GetThreadLocale
GetEnvironmentStringsW
LCMapStringA
WriteFileGather
GetFileAttributesA
GetVersionExA
GetFullPathNameA
VirtualProtect
GetModuleFileNameA
SetUnhandledExceptionFilter
TlsGetValue
HeapSize
FlushFileBuffers
GetFileType
IsBadReadPtr
FindFirstFileA
GetDiskFreeSpaceA

advapi32

RegQueryValueA
RegDeleteKeyA
RegOpenKeyExA
RegOpenKeyA
RegEnumKeyExA
RegQueryValueExA
RegEnumKeyA
RegCloseKey

lz32

LZCopy
LZClose
LZOpenFileA

Sections

.text
Size: 87KB - Virtual size: 482KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50fb63cc32f15fda3605536cb59d407c

Headers

File Characteristics

Imports

setupapi

kernel32

advapi32

lz32

Sections

.text Size: 87KB - Virtual size: 482KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 77KB - Virtual size: 76KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 87KB - Virtual size: 482KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 77KB - Virtual size: 76KB

.rsrc
Size: 512B - Virtual size: 4KB