a063420a96bf7588e1a58821aea34ee3_JaffaCakes118

General

Target

a063420a96bf7588e1a58821aea34ee3_JaffaCakes118
Size

186KB
MD5

a063420a96bf7588e1a58821aea34ee3
SHA1

d661903a8edf6eca34e839b1df0ae69306cadb5d
SHA256

27a12d5e8caf1ecdeb92d9c8eb650aad0fd6e42181e903aedb55a762f68d694a
SHA512

de36c56a284ac56f9fc50f9e27c58fbf0163b0f19dfdedc3ac7150cce41a35c53958622d01eea5a907ba78966e8b32a34df4c376bf429b47971f238b74bee44d
SSDEEP

3072:0n7M04yollZKtMHOEECax6OFzkMbKmRcjSYXGwOtO9ciuHsV/jzAn5Ug+DYjHYfJ:0n0yQerRF6OFzVvcjS9tO9u8zq5UnsH2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a063420a96bf7588e1a58821aea34ee3_JaffaCakes118

Files

a063420a96bf7588e1a58821aea34ee3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e68692fb6f5ba531acc4e107c6f6a106

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

LZClose
LZCopy
LZOpenFileA

advapi32

RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueA
RegEnumKeyExA
RegCloseKey

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

LoadLibraryExW
GlobalAddAtomA
WriteConsoleW
FileTimeToSystemTime
LocalAlloc
CreateFileW
CreateEventA
MapViewOfFile
CloseHandle
CreateThread
UnmapViewOfFile
WaitForSingleObject
FileTimeToLocalFileTime
LocalFree
GetSystemDirectoryW
GetTempPathW
GetEnvironmentVariableW
EnumResourceNamesA
GetCurrentThreadId
CreateDirectoryW
CreateFileMappingA
GetSystemTime
GetCommandLineA
ReadFileScatter
CopyFileW
GetModuleHandleW
CreateWaitableTimerA
ResetEvent
CreateProcessW
SetFileAttributesW
GetFileAttributesW
DeleteFileW
MoveFileExW
GetExitCodeProcess
SetEvent
GetVersionExW
CreateFileA

Sections

.text
Size: 101KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e68692fb6f5ba531acc4e107c6f6a106

Headers

File Characteristics

Imports

lz32

advapi32

setupapi

kernel32

Sections

.text Size: 101KB - Virtual size: 241KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 81KB - Virtual size: 80KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 101KB - Virtual size: 241KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 81KB - Virtual size: 80KB

.rsrc
Size: 512B - Virtual size: 4KB