93d37d8cccb47bb3fc8ca8968a6c574d_JaffaCakes118

General

Target

93d37d8cccb47bb3fc8ca8968a6c574d_JaffaCakes118
Size

279KB
MD5

93d37d8cccb47bb3fc8ca8968a6c574d
SHA1

aa103f8641b0e64b7aed6d9ebe71bb8c2a1ccfe3
SHA256

6558248cb176b5ffdb42fef6776c97e8ceec53a44c1a80a888b1b9e3b0fad456
SHA512

81b720f3716598e842e5afc58d35007d9456ec9543dc806bf0060804a880a7fefc285e6a419426c8bca839e6850cd8468e42d3d89db6288f1df28b144236dd6b
SSDEEP

6144:6N6xD6hdg1eJeqEwRmH4ac34Rq0AY29zS96RMu0MVxASeLg:64pOdPcwRmHlc34Rqc29e40MVxASeL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93d37d8cccb47bb3fc8ca8968a6c574d_JaffaCakes118

Files

93d37d8cccb47bb3fc8ca8968a6c574d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56069572d9945cea11a9e09a8a4ca7c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
GetStringTypeW
GetDiskFreeSpaceA
FreeEnvironmentStringsA
AddAtomA
GetTickCount
lstrcpyA
GetModuleHandleA
DeleteCriticalSection
LCMapStringA
GetFullPathNameA
WideCharToMultiByte
FreeLibrary
VirtualProtect
CloseHandle
GetThreadLocale
SetStdHandle
MulDiv
GetCurrentThreadId
lstrcmpA
ReadFile
lstrcpynA
GetLastError
FindFirstFileA
lstrcmpiA
EnterCriticalSection
lstrlenA
EnumResourceNamesW
CreateFileA
FlushFileBuffers
lstrcatA
InitializeCriticalSection
GetStartupInfoA
GetCPInfo
UnhandledExceptionFilter
MultiByteToWideChar
FreeEnvironmentStringsW
GetOEMCP
IsBadCodePtr
SetDllDirectoryW
LoadLibraryA
GetEnvironmentStrings
GetProcAddress
LeaveCriticalSection
Sleep
SetUnhandledExceptionFilter
GetFileAttributesA
GetStringTypeA
GetEnvironmentStringsW
WriteFile
SetFilePointer
IsBadReadPtr
RaiseException

setupapi

CM_Get_Child
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 149KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56069572d9945cea11a9e09a8a4ca7c0

Headers

File Characteristics

Imports

kernel32

setupapi

Sections

.text Size: 149KB - Virtual size: 284KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 127KB - Virtual size: 126KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 149KB - Virtual size: 284KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 127KB - Virtual size: 126KB

.rsrc
Size: 512B - Virtual size: 4KB