700db6827d2e1dcfd0f8423d80795095_JaffaCakes118

General

Target

700db6827d2e1dcfd0f8423d80795095_JaffaCakes118
Size

185KB
MD5

700db6827d2e1dcfd0f8423d80795095
SHA1

4e3359ede543dea22955577aa729b93ec151ad2c
SHA256

9597a6978d52b2390d7c804c31c3eab2ed13a7dc73066da9632e265908d30e80
SHA512

195015ef92b934b2684972ad2b7cbaaf3c73593e6ff09e83f62554c3314948218a7b0374383b35244bbec2f2045dfc021418a94a658cfa2d991591583365d7dc
SSDEEP

3072:GjKF378UYhk1Lr8voYljIRip0Ym5A8KakZ37VUBIcme426GyC6WNAXancLh:GuF3gUY+1LABIR4tlaQ376Xm12cVc9ne

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
700db6827d2e1dcfd0f8423d80795095_JaffaCakes118

Files

700db6827d2e1dcfd0f8423d80795095_JaffaCakes118
.exe windows:4 windows x86 arch:x86

29d9cf963a2dbdb6386bbd6cf4663ce6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetThreadLocale
EnterCriticalSection
AddAtomA
lstrlenA
GetStartupInfoA
lstrcmpiA
GetEnvironmentStringsW
WideCharToMultiByte
GetStringTypeA
FreeLibrary
InitializeCriticalSection
GetOEMCP
Sleep
GetTickCount
FreeEnvironmentStringsW
IsBadReadPtr
SetFilePointer
SetUnhandledExceptionFilter
lstrcatA
GetLastError
GetModuleHandleA
LoadLibraryA
MultiByteToWideChar
UnhandledExceptionFilter
GetDiskFreeSpaceA
GetFileAttributesA
LeaveCriticalSection
VirtualProtect
GetProcAddress
MulDiv
EnumResourceNamesW
SetDllDirectoryW
LCMapStringA
FindFirstFileA
GetStringTypeW
CreateFileA
GetCPInfo
LCMapStringW
SetStdHandle
lstrcmpA
GetFullPathNameA
CloseHandle
GetEnvironmentStrings
DeleteCriticalSection
ReadFile
WriteFile
lstrcpynA
FreeEnvironmentStringsA
IsBadCodePtr
FlushFileBuffers
lstrcpyA
RaiseException

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 97KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29d9cf963a2dbdb6386bbd6cf4663ce6

Headers

File Characteristics

Imports

kernel32

setupapi

Sections

.text Size: 97KB - Virtual size: 240KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 85KB - Virtual size: 84KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 97KB - Virtual size: 240KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 85KB - Virtual size: 84KB

.rsrc
Size: 512B - Virtual size: 4KB