69d9d9537f59843177e90d7c4f4a2c06_JaffaCakes118

General

Target

69d9d9537f59843177e90d7c4f4a2c06_JaffaCakes118
Size

281KB
MD5

69d9d9537f59843177e90d7c4f4a2c06
SHA1

46a83eb4b51033897ce5c26760711a5ee7d2e954
SHA256

5ac05b5be835a83d42b10d4c4accb0963cf56fca67abeac61b7a7df6cf879903
SHA512

39ebabbba2e334e4f96a1a527f0b64ff14b2deca2936296d5f8b1c5c44daa125513d7530cb2e87edff36abb37b11f3e412d9ad8249ab95194bec8b943022d5f5
SSDEEP

6144:QSYsUk1sra8wAtlTPyqyh47JveNTsSQfQyaROVXiZp6K0:2lmqlJ2fAQyaROVyZM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69d9d9537f59843177e90d7c4f4a2c06_JaffaCakes118

Files

69d9d9537f59843177e90d7c4f4a2c06_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2cb3dba9f94370edb21904d074423bf3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

LZCopy
LZClose
LZOpenFileA

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

GlobalAddAtomA
FileTimeToSystemTime
SetFileAttributesW
CreateWaitableTimerA
GetCommandLineA
CreateEventA
WriteConsoleW
LocalFree
GetVersionExW
MoveFileExW
GetCurrentThreadId
MapViewOfFile
FileTimeToLocalFileTime
CopyFileW
DeleteFileW
LocalAlloc
UnmapViewOfFile
GetEnvironmentVariableW
CloseHandle
LoadLibraryExW
GetSystemTime
GetTempPathW
EnumResourceNamesA
SetEvent
CreateFileMappingA
ReadFileScatter
GetFileAttributesW
CreateProcessW
CreateThread
CreateFileW
GetExitCodeProcess
ResetEvent
GetModuleHandleW
CreateDirectoryW
WaitForSingleObject
GetSystemDirectoryW
CreateFileA

advapi32

RegQueryValueExA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegQueryValueA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey

Sections

.text
Size: 148KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2cb3dba9f94370edb21904d074423bf3

Headers

File Characteristics

Imports

lz32

setupapi

kernel32

advapi32

Sections

.text Size: 148KB - Virtual size: 276KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 129KB - Virtual size: 129KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 148KB - Virtual size: 276KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 129KB - Virtual size: 129KB

.rsrc
Size: 512B - Virtual size: 4KB