76a7d3d1e78263f933985cf98c278732_JaffaCakes118

General

Target

76a7d3d1e78263f933985cf98c278732_JaffaCakes118
Size

178KB
MD5

76a7d3d1e78263f933985cf98c278732
SHA1

fce4f9026afe2984ed39156f82b4392d3b047020
SHA256

ce7be519763026a794cfb989c4f6b59c725f5db516874910bc01fc4e6535105d
SHA512

f18b2edb199bddf941c412e6bcc361efcf0a1ef06c2b67a4bf70ad88e1667fa2dfe8dad60f9bcfae2bb30756cbd31cdab81e1a120ed671b3d761874faf1f71b4
SSDEEP

3072:ejzUjA9F/ZjJVdr8kdaCdhhU2gBbtDuJ+MLDjQllQRW7KC58Kzk4rz5:e6oVZRT4WHIuJ9XQl6O58Koc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76a7d3d1e78263f933985cf98c278732_JaffaCakes118

Files

76a7d3d1e78263f933985cf98c278732_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ed7f7282736ebc4f8e01c11f5c6b87a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Global_State
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

LeaveCriticalSection
CreateFileA
GetModuleHandleA
LoadLibraryA
GetLastError
AddAtomA
GetStringTypeW
GetCurrentThreadId
LCMapStringA
VirtualProtect
InitializeCriticalSection
FindFirstFileA
GetStringTypeA
lstrcpyA
lstrcmpiA
WriteFile
lstrcatA
DeleteCriticalSection
GetFileAttributesA
lstrcpynA
IsBadCodePtr
Sleep
GetTickCount
EnumResourceNamesW
IsBadReadPtr
GetStartupInfoA
FlushFileBuffers
SetStdHandle
GetFullPathNameA
GetEnvironmentStringsW
SetUnhandledExceptionFilter
LCMapStringW
GetDiskFreeSpaceA
FreeEnvironmentStringsA
SetFilePointer
GetEnvironmentStrings
MulDiv
lstrcmpA
FreeLibrary
lstrlenA
WideCharToMultiByte
CloseHandle
GetOEMCP
UnhandledExceptionFilter
FreeEnvironmentStringsW
MultiByteToWideChar
ReadFile
GetProcAddress
lstrlenA
EnterCriticalSection
GetCPInfo
GetThreadLocale
RaiseException

Sections

.text
Size: 93KB - Virtual size: 245KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed7f7282736ebc4f8e01c11f5c6b87a9

Headers

File Characteristics

Imports

setupapi

kernel32

Sections

.text Size: 93KB - Virtual size: 245KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 81KB - Virtual size: 81KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 93KB - Virtual size: 245KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 81KB - Virtual size: 81KB

.rsrc
Size: 512B - Virtual size: 4KB