b5bc5e7ae1642c7e754e45972b5c05ea_JaffaCakes118

General

Target

b5bc5e7ae1642c7e754e45972b5c05ea_JaffaCakes118
Size

174KB
MD5

b5bc5e7ae1642c7e754e45972b5c05ea
SHA1

e396d518a1e8a5d5208e413dbd76f4131d2ad9fb
SHA256

fd3e4e1911f777b02383c2977949329c6e0fcdd64926d8b80e2f581701838f45
SHA512

f5ee43110e89ff57b14b1c4f83ffd7362708b968d8322811aef32b4a9b090c681ae3c82b2fa3586e813bde5604121f3d8b624af84b8a53ff96332064f573270c
SSDEEP

3072:puIDo7jl52fCy93MMbjAZwdZf//m7CMQV0oQR43Y:puuo7jvx+9fEwHm7CMnoQR4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5bc5e7ae1642c7e754e45972b5c05ea_JaffaCakes118

Files

b5bc5e7ae1642c7e754e45972b5c05ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b5ae2c6ab6ac2df5b92906d2cf6d0b75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

advapi32

RegQueryValueExA
RegDeleteKeyA
RegQueryValueA
RegOpenKeyExA
RegEnumKeyExA
RegOpenKeyA
RegEnumKeyA
RegCloseKey

kernel32

GetFileAttributesA
GetCurrentThreadId
GetModuleFileNameA
MultiByteToWideChar
GetVolumeInformationA
AddAtomW
DisableThreadLibraryCalls
WaitForSingleObject
GlobalFree
GlobalLock
GetSystemTimeAsFileTime
VirtualFree
GetVersionExA
InitializeCriticalSection
CreateDirectoryA
SetFileAttributesA
Sleep
CreateFileA
GetTickCount
SetFilePointer
LocalFree
LocalAlloc
EnumResourceNamesA
GlobalUnlock
DeleteCriticalSection
GetModuleFileNameW
CloseHandle
InterlockedDecrement
QueryPerformanceCounter
GetTempFileNameA
lstrlenA
ReleaseMutex
InterlockedIncrement
CreateMutexA
GetSystemTime
CreateHardLinkW
CreateFileW
GetCurrentProcessId
CopyFileA
DeviceIoControl
ReadFile
VirtualAlloc
GetLastError
DeleteFileA
WideCharToMultiByte
GetTempPathA
GetFileSize
FreeLibrary

lz32

LZCopy
LZClose
LZOpenFileA

Sections

.text
Size: 93KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5ae2c6ab6ac2df5b92906d2cf6d0b75

Headers

File Characteristics

Imports

setupapi

advapi32

kernel32

lz32

Sections

.text Size: 93KB - Virtual size: 232KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 77KB - Virtual size: 77KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 93KB - Virtual size: 232KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 512B - Virtual size: 4KB