8a4bee80579e599f0cb5781975d24250_JaffaCakes118

General

Target

8a4bee80579e599f0cb5781975d24250_JaffaCakes118
Size

275KB
MD5

8a4bee80579e599f0cb5781975d24250
SHA1

fc2dbab5add6ba0406aebdfaf11b91bda9933880
SHA256

ec9aeb80df7f1a0fb37239506bc9213343baddb2b50897a013a6a08c3a415b57
SHA512

5e3bc938e9f31329dd21ea62ddae3b5c830d059c6affa3b94bfb0243c5dddeacc782b8a3dd4dd07595ccb77facc50db9b9e45fee336cad9833e61dbebed99ffc
SSDEEP

6144:CbGEHVD7OTfNCm8aO15+494kGGn4tAPsU3rFpiAQUz0:Ov1DY815+4ykDU2HiAj4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a4bee80579e599f0cb5781975d24250_JaffaCakes118

Files

8a4bee80579e599f0cb5781975d24250_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5c20e1bc98826357f8e69f16e8b6a3ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetStartupInfoA
AddAtomW
GetOEMCP
TerminateProcess
WideCharToMultiByte
LCMapStringW
GetStringTypeA
WriteFile
FindFirstFileA
GetStdHandle
GetEnvironmentStringsW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
GetFullPathNameA
GetACP
FlushFileBuffers
GetStringTypeW
SetStdHandle
HeapSize
EnumResourceNamesA
IsBadCodePtr
GetModuleFileNameA
ReadFile
TlsGetValue
GetCurrentProcess
CreateFileA
GetFileType
GetEnvironmentStrings
GetLocaleInfoA
GetThreadLocale
SetFilePointer
WriteFileGather
GetCPInfo
IsBadReadPtr
LCMapStringA
VirtualProtect
GetVersionExA
UnhandledExceptionFilter
SetHandleCount
TlsSetValue
GetDiskFreeSpaceA

advapi32

RegQueryValueA
RegEnumKeyA
RegEnumKeyExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCloseKey

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

lz32

LZClose
LZCopy
LZOpenFileA

Sections

.text
Size: 144KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c20e1bc98826357f8e69f16e8b6a3ba

Headers

File Characteristics

Imports

kernel32

advapi32

setupapi

lz32

Sections

.text Size: 144KB - Virtual size: 272KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 132KB - Virtual size: 132KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 144KB - Virtual size: 272KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 132KB - Virtual size: 132KB

.rsrc
Size: 512B - Virtual size: 4KB