a298fd82db608de32f1a7cdcb6773284_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a298fd82db608de32f1a7cdcb6773284_JaffaCakes118
Size

224KB
MD5

a298fd82db608de32f1a7cdcb6773284
SHA1

fc09852e2255d38a601d950b909b24fe9a34fc28
SHA256

36602438690028afdf934298083c29443beba25251da3cc4a2ab7494f79d6734
SHA512

1af67291cb64c1a372a2fc81b572111e8991b04dd9a945b799c1fe910d60717443d6aba89509c1ad885202a5207dacba41d9b2178ba2d09316d5f972f62d6880
SSDEEP

3072:70MeVqmthBGYPI1A6bEt0uEpo8eaAojptdqZTat7UjybcooAD65edLr0yLU2dZ:uqkBX2nbQBQeCpCalUj+cooxIqyJdZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a298fd82db608de32f1a7cdcb6773284_JaffaCakes118

Files

a298fd82db608de32f1a7cdcb6773284_JaffaCakes118
.exe windows:4 windows x86 arch:x86

295aae5017f15c9638ab7c98a6911783

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupAddToSourceListW
SetupCancelTemporarySourceList
SetupCopyOEMInfW
SetupDefaultQueueCallbackW
SetupFreeSourceListW
SetupGetFieldCount
SetupGetIntField
SetupGetLineByIndexW
SetupGetLineCountW
SetupGetLineTextW
SetupGetSourceInfoW
SetupGetStringFieldW
SetupGetTargetPathW
SetupInitDefaultQueueCallback
SetupIterateCabinetW
SetupPromptReboot
SetupQueryInfVersionInformationW
SetupQuerySourceListW
SetupQuerySpaceRequiredOnDriveW
SetupQueueCopyW
SetupQueueRenameW
SetupRemoveFromSourceListW
SetupSetPlatformPathOverrideW
SetupSetSourceListW
SetupTermDefaultQueueCallback
SetupGetInfInformationW

kernel32

GetTempPathW
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetFilePointer
VirtualQuery
InterlockedExchange
RtlUnwind
LoadLibraryA
HeapSize
CreateFileA
FlushFileBuffers
SetStdHandle
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
FreeEnvironmentStringsA
GetModuleFileNameW
UnhandledExceptionFilter
GetModuleFileNameA
GetProfileStringW
lstrcmpW
GetSystemTimeAsFileTime
SetSystemPowerState
GetCPInfo
WaitForSingleObject
LoadLibraryW
CloseHandle
ReadFile
GetFileSize
SetEndOfFile
CreateFileW
DeleteCriticalSection
FindClose
FindNextFileW
FindFirstFileW
TlsSetValue
TlsAlloc
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapFree
HeapReAlloc
HeapAlloc
GetStartupInfoW
GetVersionExA
GetLastError
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
WriteFile
GetStdHandle

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 777KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

295aae5017f15c9638ab7c98a6911783

Headers

File Characteristics

Imports

setupapi

kernel32

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 128KB - Virtual size: 777KB

.idata Size: 4KB - Virtual size: 3KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 128KB - Virtual size: 777KB

.idata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 12KB - Virtual size: 8KB