77e2af57129021c9df4fb38197a9f98b_JaffaCakes118

General

Target

77e2af57129021c9df4fb38197a9f98b_JaffaCakes118
Size

185KB
MD5

77e2af57129021c9df4fb38197a9f98b
SHA1

54a7a960698b92b42086376b93803acc100ce0bd
SHA256

da342a31971d95286b37d1f5f6cc2597e281172c513e184b8137bf5796ac9011
SHA512

8b8c28cd291a863c44bc11128046fb9f5aeaf060c66c377eb0e4b768499505a4ee2ab6622c539b94b324c10a8ea2e11f1a146c2e8b90b7d989ac9b7bafcf7241
SSDEEP

3072:sjfd++g0tee5LLIzGHh8HBN0TVbrdHHCOwbS8/U+c7690jccJpKGk6fW8:UR7FL2GHacr0O8/U+c7vgwK96fW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77e2af57129021c9df4fb38197a9f98b_JaffaCakes118

Files

77e2af57129021c9df4fb38197a9f98b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

23fb3c444b1ff152a735312426a2822b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
InitializeCriticalSection
LeaveCriticalSection
LCMapStringW
MultiByteToWideChar
GetStringTypeA
FreeLibrary
GetOEMCP
AddAtomA
GetModuleHandleA
FindFirstFileA
GetEnvironmentStringsW
lstrcmpiA
FreeEnvironmentStringsW
lstrcpyA
CreateFileA
GetStringTypeW
lstrcpynA
GetFileAttributesA
IsBadReadPtr
DeleteCriticalSection
GetCPInfo
GetFullPathNameA
SetStdHandle
EnumResourceNamesW
CloseHandle
GetDiskFreeSpaceA
LoadLibraryA
lstrcmpA
SetUnhandledExceptionFilter
IsBadCodePtr
UnhandledExceptionFilter
LCMapStringA
SetDllDirectoryW
GetEnvironmentStrings
Sleep
GetStartupInfoA
MulDiv
WideCharToMultiByte
EnterCriticalSection
FreeEnvironmentStringsA
ReadFile
GetTickCount
lstrlenA
FlushFileBuffers
GetCurrentThreadId
GetThreadLocale
SetFilePointer
GetLastError
GetProcAddress
VirtualProtect
WriteFile
RaiseException

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 98KB - Virtual size: 246KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23fb3c444b1ff152a735312426a2822b

Headers

File Characteristics

Imports

kernel32

setupapi

Sections

.text Size: 98KB - Virtual size: 246KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 83KB - Virtual size: 83KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 98KB - Virtual size: 246KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 83KB - Virtual size: 83KB

.rsrc
Size: 512B - Virtual size: 4KB