688450975d71ef44bd73445bb97b5ee9_JaffaCakes118

General

Target

688450975d71ef44bd73445bb97b5ee9_JaffaCakes118
Size

186KB
MD5

688450975d71ef44bd73445bb97b5ee9
SHA1

3fb210c5eb18c9e50d812adafb939b5b6f385548
SHA256

d72637eff3b8f134accda79410982b46743b1160dc1a032ef4866a1bbd0913a6
SHA512

04ab9ccaa19de677893f74a1b1bdbf42eb2346d6804ab67292240ba4a8c775833588f2ddb19299a7c518dfa7d4385cae9d7352a3e46fcf5653287e2d0fcad50f
SSDEEP

3072:5wrXYZnMisb/SLStRBRANDxzP0FHuxYB2DPmaq5BHa/YoBUDa81:5w6sb/s+3A5t0pfB2qaq5XoBUDx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
688450975d71ef44bd73445bb97b5ee9_JaffaCakes118

Files

688450975d71ef44bd73445bb97b5ee9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e676c685acd1b2c1c0c0da50d747a9fc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

CloseHandle
ReadFile
FreeLibrary
IsBadCodePtr
WideCharToMultiByte
LCMapStringA
MulDiv
GetFullPathNameA
AddAtomA
GetDiskFreeSpaceA
GetStringTypeW
WriteFile
GetStartupInfoA
lstrcpynA
GetProcAddress
UnhandledExceptionFilter
lstrcpyA
GetThreadLocale
GetLastError
InitializeCriticalSection
GetCurrentThreadId
LeaveCriticalSection
LCMapStringW
EnumResourceNamesW
FreeEnvironmentStringsA
GetTickCount
lstrlenA
GetOEMCP
GetEnvironmentStringsW
LoadLibraryA
EnterCriticalSection
lstrcmpiA
CreateFileA
GetStringTypeA
SetUnhandledExceptionFilter
IsBadReadPtr
SetStdHandle
GetCPInfo
GetEnvironmentStrings
SetDllDirectoryW
FindFirstFileA
Sleep
FreeEnvironmentStringsW
FlushFileBuffers
SetFilePointer
lstrcatA
VirtualProtect
lstrcmpA
DeleteCriticalSection
GetFileAttributesA
MultiByteToWideChar
GetModuleHandleA
RaiseException

Sections

.text
Size: 100KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e676c685acd1b2c1c0c0da50d747a9fc

Headers

File Characteristics

Imports

setupapi

kernel32

Sections

.text Size: 100KB - Virtual size: 244KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 82KB - Virtual size: 81KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 100KB - Virtual size: 244KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 82KB - Virtual size: 81KB

.rsrc
Size: 512B - Virtual size: 4KB