a3a08a20fd5ce17f0f2a823ced38ceae_JaffaCakes118

General

Target

a3a08a20fd5ce17f0f2a823ced38ceae_JaffaCakes118
Size

279KB
MD5

a3a08a20fd5ce17f0f2a823ced38ceae
SHA1

3088b1d30ffb0165f404746f9c1fc0d3b74c50ed
SHA256

f6c4669a43f973ba976f7ff2b0ce0202d33e69466b43962d6d7b1d2b85411d38
SHA512

58408054fa2e2da6892679ee87bb85142d9b52caff985a9889f77faba4428938e495252ead31b5ea7104473a2a7a6c9ac04a6a376736bd8aed77700ffe3c5b70
SSDEEP

6144:l3GadewRHJj5g19gx7NQJu/vkO0EPN3AwzLLSoqJy+x:l2alH9wu7E/GPNQWOj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3a08a20fd5ce17f0f2a823ced38ceae_JaffaCakes118

Files

a3a08a20fd5ce17f0f2a823ced38ceae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4050df0eb6888a53c998064223e07042

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

LZClose
LZCopy
LZOpenFileA

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegQueryValueA
RegOpenKeyExA
RegEnumKeyA
RegOpenKeyA
RegQueryValueExA
RegCloseKey

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

GetStringTypeW
GetEnvironmentStrings
GetVersionExA
LCMapStringW
GetFullPathNameA
TerminateProcess
AddAtomW
GetCurrentProcess
ReadFile
GetStartupInfoA
SetHandleCount
GetLocaleInfoA
GetStringTypeA
GetStdHandle
GetOEMCP
GetFileType
TlsGetValue
GetModuleFileNameA
EnumResourceNamesA
WriteFile
LCMapStringA
GetFileAttributesA
WideCharToMultiByte
HeapSize
SetStdHandle
IsBadReadPtr
FreeEnvironmentStringsW
GetCPInfo
GetACP
VirtualProtect
TlsSetValue
FreeEnvironmentStringsA
GetEnvironmentStringsW
WriteFileGather
CreateFileA
UnhandledExceptionFilter
SetFilePointer
GetThreadLocale
IsBadCodePtr
FindFirstFileA
SetUnhandledExceptionFilter
FlushFileBuffers
GetDiskFreeSpaceA

Sections

.text
Size: 139KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4050df0eb6888a53c998064223e07042

Headers

File Characteristics

Imports

lz32

advapi32

setupapi

kernel32

Sections

.text Size: 139KB - Virtual size: 270KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 136KB - Virtual size: 136KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 139KB - Virtual size: 270KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 136KB - Virtual size: 136KB

.rsrc
Size: 512B - Virtual size: 4KB