8ac8f1fa3e6db110e025b85a0ca45b77_JaffaCakes118

General

Target

8ac8f1fa3e6db110e025b85a0ca45b77_JaffaCakes118
Size

257KB
MD5

8ac8f1fa3e6db110e025b85a0ca45b77
SHA1

c901b509ade21fb8538df3fbdc3badd18b9ae429
SHA256

728a8e1cbb80676b69ea7debff753bbd62cc04f39722808ad051b6cd4e279891
SHA512

61d5dffb5b836cfcbbc067fb0724e38e891d928757b7ad56ee7969ded4c1d44ec6d1063b52b6f0575cf0338e02452354b4f9ef58c114ee201877f20ca0f86a16
SSDEEP

6144:CbGEHVD7OTfNCm8aO15+494kGGn4tAPsU3rFpiAQU1:Ov1DY815+4ykDU2HiAj1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ac8f1fa3e6db110e025b85a0ca45b77_JaffaCakes118

Files

8ac8f1fa3e6db110e025b85a0ca45b77_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5c20e1bc98826357f8e69f16e8b6a3ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetStartupInfoA
AddAtomW
GetOEMCP
TerminateProcess
WideCharToMultiByte
LCMapStringW
GetStringTypeA
WriteFile
FindFirstFileA
GetStdHandle
GetEnvironmentStringsW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
GetFullPathNameA
GetACP
FlushFileBuffers
GetStringTypeW
SetStdHandle
HeapSize
EnumResourceNamesA
IsBadCodePtr
GetModuleFileNameA
ReadFile
TlsGetValue
GetCurrentProcess
CreateFileA
GetFileType
GetEnvironmentStrings
GetLocaleInfoA
GetThreadLocale
SetFilePointer
WriteFileGather
GetCPInfo
IsBadReadPtr
LCMapStringA
VirtualProtect
GetVersionExA
UnhandledExceptionFilter
SetHandleCount
TlsSetValue
GetDiskFreeSpaceA

advapi32

RegQueryValueA
RegEnumKeyA
RegEnumKeyExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCloseKey

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

lz32

LZClose
LZCopy
LZOpenFileA

Sections

.text
Size: 144KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c20e1bc98826357f8e69f16e8b6a3ba

Headers

File Characteristics

Imports

kernel32

advapi32

setupapi

lz32

Sections

.text Size: 144KB - Virtual size: 272KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 132KB - Virtual size: 132KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 144KB - Virtual size: 272KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 132KB - Virtual size: 132KB

.rsrc
Size: 512B - Virtual size: 4KB