886a603444d6a8ee89a9a139935691a1_JaffaCakes118

General

Target

886a603444d6a8ee89a9a139935691a1_JaffaCakes118
Size

167KB
MD5

886a603444d6a8ee89a9a139935691a1
SHA1

21b18a7e0031247b7d214e44cb22447b18f317e8
SHA256

842b531657002c41ed8fb897033e0d82815a8f023e186cf6dbe562abb06fce7f
SHA512

9bac2e2443b3694eb2173c3d08a252b52b4ef86532d6fb6980e21c6ada5d0b032c0778bcde7a8100355add9de65644edf5a12de01c40a4a166ddb8493ef1a82b
SSDEEP

3072:oK3pfB74p80G9KpMgHvp4UhjgYsH3VX5Ez5pKEmP912:oK56p80G0pMSKUpgYst5Yc112

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
886a603444d6a8ee89a9a139935691a1_JaffaCakes118

Files

886a603444d6a8ee89a9a139935691a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

431ce7a66be40a27bd24a34e86948a02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

DeviceIoControl
QueryPerformanceCounter
DisableThreadLibraryCalls
AddAtomW
GlobalUnlock
LocalAlloc
CreateFileA
lstrlenA
SetFilePointer
GlobalFree
LocalFree
CreateMutexA
Sleep
CopyFileA
GetTempFileNameA
GetVolumeInformationA
CloseHandle
MultiByteToWideChar
InitializeCriticalSection
VirtualAlloc
GetModuleFileNameW
GetVersionExA
GetFileAttributesA
GetCurrentProcessId
GetSystemTime
EnumResourceNamesA
GetFileSize
WideCharToMultiByte
GetLastError
FindResourceA
SetFileAttributesA
WaitForSingleObject
InterlockedIncrement
DeleteCriticalSection
ReleaseMutex
ReadFile
CreateDirectoryA
GetTempPathA
InterlockedDecrement
GetTickCount
CreateFileW
VirtualFree
GetModuleFileNameA
GlobalLock
GetSystemTimeAsFileTime
DeleteFileA
GetCurrentThreadId
FreeLibrary

lz32

LZCopy
LZClose
LZOpenFileA

advapi32

RegEnumKeyExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueA
RegQueryValueExA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey

Sections

.text
Size: 86KB - Virtual size: 482KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

431ce7a66be40a27bd24a34e86948a02

Headers

File Characteristics

Imports

setupapi

kernel32

lz32

advapi32

Sections

.text Size: 86KB - Virtual size: 482KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 77KB - Virtual size: 77KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 86KB - Virtual size: 482KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 512B - Virtual size: 4KB