8a0c9241478777453af417a84e544b88_JaffaCakes118

General

Target

8a0c9241478777453af417a84e544b88_JaffaCakes118
Size

169KB
MD5

8a0c9241478777453af417a84e544b88
SHA1

60f3157744facf359c46d1b5a964f385954d06ae
SHA256

4c22d466ce66bab5902dcb9eda641ca3ec890ea73f5a004f8ecbbc42f9efc62e
SHA512

fafc488120d9020d7537ee7728bbf155d5e5e3e0c9dd0e4811c239688731af4eba8c18e23680bb56ca66c996d8790ce60ad61b6c7e523d4668753767a46f553c
SSDEEP

3072:YfJYMrKpRtI+hqyTnNqKs8Rt8ZrNb2KLpXSsvYTL4Hthhm/NvqrW5fY:CYtpHIknNrerw7srPW5f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a0c9241478777453af417a84e544b88_JaffaCakes118

Files

8a0c9241478777453af417a84e544b88_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9223b5ba25483945e160feb39ec56903

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
lstrcatA
GetFileAttributesA
LeaveCriticalSection
EnterCriticalSection
AddAtomA
WideCharToMultiByte
ReadFile
lstrcmpA
GetStartupInfoA
IsBadReadPtr
SetFilePointer
GetFullPathNameA
FreeLibrary
GetCurrentThreadId
LCMapStringA
GetCPInfo
UnhandledExceptionFilter
lstrcpynA
CreateFileA
lstrlenA
LoadLibraryA
GetEnvironmentStrings
GetThreadLocale
VirtualProtect
GetLastError
lstrcmpiA
EnumResourceNamesW
LCMapStringW
WriteFile
GetModuleHandleA
GetTickCount
GetDiskFreeSpaceA
SetDllDirectoryW
IsBadCodePtr
SetStdHandle
FindFirstFileA
InitializeCriticalSection
SetUnhandledExceptionFilter
lstrcpyA
CloseHandle
MulDiv
GetStringTypeA
DeleteCriticalSection
FlushFileBuffers
GetEnvironmentStringsW
Sleep
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetOEMCP
GetProcAddress
GetStringTypeW
RaiseException

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 91KB - Virtual size: 490KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9223b5ba25483945e160feb39ec56903

Headers

File Characteristics

Imports

kernel32

setupapi

Sections

.text Size: 91KB - Virtual size: 490KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 75KB - Virtual size: 74KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 91KB - Virtual size: 490KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 75KB - Virtual size: 74KB

.rsrc
Size: 512B - Virtual size: 4KB