96a753342fc03747d6c2232b84bd7626_JaffaCakes118

General

Target

96a753342fc03747d6c2232b84bd7626_JaffaCakes118
Size

184KB
MD5

96a753342fc03747d6c2232b84bd7626
SHA1

cfd52f9c624adb26b96b37c02f5d07bf1af898d2
SHA256

3d692511051d6a1debed8846d5045f3eb4cdca730c96ade5df271c022049b3b2
SHA512

1e5be3c945a86eed5a9c022cc77aca3a08d2a4da7a96d19cfc1ff597fa1159536c8915e5ff4011bfd9112f3a506de869816b4037d43ef79a958ea2ffc4ec7b22
SSDEEP

3072:LgXATzoGqyhZCsDw3Qb2BAMJc/beUz097bpUTkIN818acQx:cmqgo/gb2Be/bF0x9UT3a1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96a753342fc03747d6c2232b84bd7626_JaffaCakes118

Files

96a753342fc03747d6c2232b84bd7626_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf49e20e074afd23daeddf6e605a3cbc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

lz32

LZCopy
LZClose
LZOpenFileA

advapi32

RegOpenKeyA
RegQueryValueExA
RegQueryValueA
RegEnumKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyExA
RegCloseKey

kernel32

WideCharToMultiByte
GetStartupInfoA
HeapSize
TlsGetValue
AddAtomW
SetFilePointer
GetEnvironmentStrings
FlushFileBuffers
GetEnvironmentStringsW
GetFileType
LCMapStringW
FreeEnvironmentStringsW
GetCurrentProcess
GetACP
FreeEnvironmentStringsA
GetVersionExA
GetThreadLocale
GetFileAttributesA
GetLocaleInfoA
EnumResourceNamesA
ReadFile
FindFirstFileA
SetUnhandledExceptionFilter
IsBadCodePtr
GetStringTypeA
TerminateProcess
GetModuleFileNameA
GetCPInfo
SetHandleCount
VirtualProtect
WriteFileGather
IsBadReadPtr
GetOEMCP
SetStdHandle
GetFullPathNameA
GetStringTypeW
GetStdHandle
LCMapStringA
CreateFileA
TlsSetValue
WriteFile
UnhandledExceptionFilter
GetDiskFreeSpaceA

Sections

.text
Size: 99KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf49e20e074afd23daeddf6e605a3cbc

Headers

File Characteristics

Imports

setupapi

lz32

advapi32

kernel32

Sections

.text Size: 99KB - Virtual size: 238KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 81KB - Virtual size: 81KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 99KB - Virtual size: 238KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 81KB - Virtual size: 81KB

.rsrc
Size: 512B - Virtual size: 4KB