ce3030451b997a2f1a43144882a525b7_JaffaCakes118

General

Target

ce3030451b997a2f1a43144882a525b7_JaffaCakes118
Size

184KB
MD5

ce3030451b997a2f1a43144882a525b7
SHA1

9123238ef78e33e3f9c1f6f3183819409c753aa6
SHA256

63402c958e617e931847c43ffa13c47eae3fd1dc28206c3e32300697bb5b981b
SHA512

c994ef370255559f8bfd694762edcb54779dcdfa42b4ecdc88ab0c9cfa594b0bc3cc970a2cb6c2a696c5268ad999904ded400ec119891c972cc8f43ad92015c4
SSDEEP

3072:KEldAOrLh/5/bptrHbDfHF3+0kc+HHx3UmdZqkGy6wu65WF2drxS4T8p6AijIc:1bRrL3//rHbDfH0ltuy6wrcF2drxdYIj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce3030451b997a2f1a43144882a525b7_JaffaCakes118

Files

ce3030451b997a2f1a43144882a525b7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

278be08075d677bd9c2a1472b8aea1d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

UnhandledExceptionFilter
Sleep
lstrcpynA
IsBadReadPtr
MulDiv
lstrcmpiA
AddAtomA
lstrcatA
GetThreadLocale
MultiByteToWideChar
GetFileAttributesA
lstrcpyA
GetCurrentThreadId
GetModuleHandleA
EnterCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
GetFullPathNameA
LCMapStringA
CloseHandle
SetFilePointer
DeleteCriticalSection
GetOEMCP
EnumResourceNamesW
LoadLibraryA
GetDiskFreeSpaceA
GetLastError
FreeEnvironmentStringsW
GetProcAddress
lstrlenA
GetEnvironmentStringsW
FreeLibrary
IsBadCodePtr
SetUnhandledExceptionFilter
GetStringTypeA
SetStdHandle
VirtualProtect
lstrcmpA
LeaveCriticalSection
WriteFile
SetDllDirectoryW
ReadFile
WideCharToMultiByte
LCMapStringW
FindFirstFileA
InitializeCriticalSection
GetStringTypeW
GetCPInfo
GetTickCount
GetStartupInfoA
CreateFileA
FlushFileBuffers
RaiseException

Sections

.text
Size: 93KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

278be08075d677bd9c2a1472b8aea1d1

Headers

File Characteristics

Imports

setupapi

kernel32

Sections

.text Size: 93KB - Virtual size: 240KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 87KB - Virtual size: 87KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 93KB - Virtual size: 240KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 87KB - Virtual size: 87KB

.rsrc
Size: 512B - Virtual size: 4KB