b22d528861621bc95211f862b0163ca2_JaffaCakes118

General

Target

b22d528861621bc95211f862b0163ca2_JaffaCakes118
Size

174KB
MD5

b22d528861621bc95211f862b0163ca2
SHA1

31f1468987b16fe068bd450aa9f9e7a0956aff20
SHA256

1fccacf59809d766765be63372b2ac6bf24e31f0a8bcb7886bd0e949fc3bbeb7
SHA512

f092e41adf17f8a79ecd5a4e715ccbed0f3da676083417a17e33ba9f97f6bdf6699324f3801b42189615270df2b78d543c411ced5f3d54d1711d5eff0f423208
SSDEEP

3072:uBntvZBo22GyMj49ZvdQHqvfTneZb1jS+Gw2j+aCqpvgt7wddzU:uBtvZBUE4SHqvfyNfSC4vEwddA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b22d528861621bc95211f862b0163ca2_JaffaCakes118

Files

b22d528861621bc95211f862b0163ca2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2241d8aa7e573150c4894aa9f8827c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeviceIoControl
MultiByteToWideChar
GetVersionExA
GetFileSize
AddAtomW
VirtualFree
CreateMutexA
VirtualAlloc
QueryPerformanceCounter
ReadFile
CreateFileW
InterlockedDecrement
GetTempFileNameA
GetSystemTimeAsFileTime
GetModuleFileNameW
CreateDirectoryA
GetFileAttributesA
ReleaseMutex
lstrlenA
SetFileAttributesA
CloseHandle
GetVolumeInformationA
GetTickCount
LocalFree
WaitForSingleObject
GlobalFree
EnumResourceNamesA
LocalAlloc
CopyFileA
GlobalLock
GetCurrentThreadId
FindResourceA
GetCurrentProcessId
GlobalUnlock
DisableThreadLibraryCalls
Sleep
WideCharToMultiByte
CreateFileA
InterlockedIncrement
GetTempPathA
InitializeCriticalSection
DeleteCriticalSection
GetSystemTime
GetLastError
SetFilePointer
GetModuleFileNameA
DeleteFileA
FreeLibrary

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

lz32

LZCopy
LZClose
LZOpenFileA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegEnumKeyA
RegQueryValueA
RegEnumKeyExA
RegDeleteKeyA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 95KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c2241d8aa7e573150c4894aa9f8827c4

Headers

File Characteristics

Imports

kernel32

setupapi

lz32

advapi32

Sections

.text Size: 95KB - Virtual size: 239KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 75KB - Virtual size: 74KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 95KB - Virtual size: 239KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 75KB - Virtual size: 74KB

.rsrc
Size: 512B - Virtual size: 4KB