8de1e31be3784addd61c554f689c57a9_JaffaCakes118

General

Target

8de1e31be3784addd61c554f689c57a9_JaffaCakes118
Size

172KB
MD5

8de1e31be3784addd61c554f689c57a9
SHA1

a68f0cd601c63a0b9a85c2d7097ef03ec77adb57
SHA256

43bf50dfb662193c48435b9344ca487a764fb8669787da8fa8913b4a7abcc7d1
SHA512

0d27b6f9799c627cc92e160bb250ecb625f7dd3e13fda03ed6d4146efbaddb694fddaf0885f143b7c3b831da2876899c7b76e24bea71c08664a38a3a6015b43f
SSDEEP

3072:u78Pe6LvMzhPgPfhzOfKozh4g7BUoDNiUqb:u7mLwPu1OfKolP9DNiUI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8de1e31be3784addd61c554f689c57a9_JaffaCakes118

Files

8de1e31be3784addd61c554f689c57a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c034f1a35202a8a20c59ed4bc59b58e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

advapi32

RegCloseKey
RegQueryValueExA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA

kernel32

GetCurrentThreadId
GetSystemTimeAsFileTime
GetShortPathNameA
GetTickCount
GetACP
GetLocaleInfoA
LoadLibraryA
GetLastError
IsBadWritePtr
lstrlenW
LeaveCriticalSection
GetProcessHandleCount
InterlockedExchange
UnhandledExceptionFilter
WideCharToMultiByte
IsBadReadPtr
InterlockedDecrement
GetCurrentProcessId
CloseHandle
GetModuleHandleA
InterlockedIncrement
SetUnhandledExceptionFilter
EnumResourceTypesA
DeleteCriticalSection
LocalFree
GetThreadLocale
InitializeCriticalSection
lstrlenA
GetFileAttributesA
ExitProcess
QueryPerformanceCounter
MultiByteToWideChar
CreateFileA
EnterCriticalSection
FreeLibrary
GetProcAddress
IsDebuggerPresent
GetVersionExA

shell32

SHGetSpecialFolderPathA

user32

wsprintfA
wsprintfW

ole32

StgCreateDocfile
StgOpenStorage

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c034f1a35202a8a20c59ed4bc59b58e4

Headers

File Characteristics

Imports

setupapi

advapi32

kernel32

shell32

user32

ole32

Sections

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: 71KB - Virtual size: 71KB

.edata Size: 1024B - Virtual size: 96KB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: 71KB - Virtual size: 71KB

.edata
Size: 1024B - Virtual size: 96KB