cf3564c03524af00e76e2fbb2dc97e96_JaffaCakes118

General

Target

cf3564c03524af00e76e2fbb2dc97e96_JaffaCakes118
Size

163KB
MD5

cf3564c03524af00e76e2fbb2dc97e96
SHA1

1ec34fd27f17d39878c8dc857371a778c2fcca04
SHA256

bfea00ba2e95abaa7abbef40b2f3bbb062c9883686845aa494a807dfcd25dc8e
SHA512

920b0601ecd2b6705f78581eed8bce7c583247a020aa9a709d553db64001f229acebfd14a8da884e5b00d69a17adbf38b42ec30fbc1b1a4f508e5c0b9a7d60cf
SSDEEP

3072:2zU5vTOKrIhrRCXztiWgec2eUG0VByEe63dvTBnd+xAXWS6cUdUEDfIcQ:MU5JurezBc2eWyP63d96cHErY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf3564c03524af00e76e2fbb2dc97e96_JaffaCakes118

Files

cf3564c03524af00e76e2fbb2dc97e96_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dddaa7b2ae0d0726ea21c160759e31f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
LeaveCriticalSection
MultiByteToWideChar
GetLastError
GetTickCount
LoadLibraryA
lstrcmpA
AddAtomA
lstrcmpiA
GetStringTypeW
lstrcpynA
FindFirstFileA
InitializeCriticalSection
GetEnvironmentStrings
Sleep
lstrcpyA
LCMapStringA
GetThreadLocale
SetUnhandledExceptionFilter
WideCharToMultiByte
MulDiv
SetFilePointer
CreateFileA
GetDiskFreeSpaceA
LCMapStringW
GetFullPathNameA
CloseHandle
GetStringTypeA
GetCPInfo
EnumResourceNamesW
UnhandledExceptionFilter
FreeEnvironmentStringsW
ReadFile
GetStartupInfoA
VirtualProtect
GetFileAttributesA
SetStdHandle
WriteFile
FreeLibrary
lstrcatA
IsBadCodePtr
lstrlenA
FlushFileBuffers
GetProcAddress
lstrlenA
GetCurrentThreadId
GetEnvironmentStringsW
IsBadReadPtr
GetOEMCP
GetModuleHandleA
FreeEnvironmentStringsA
EnterCriticalSection
RaiseException

setupapi

CM_Get_Global_State
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 83KB - Virtual size: 491KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dddaa7b2ae0d0726ea21c160759e31f1

Headers

File Characteristics

Imports

kernel32

setupapi

Sections

.text Size: 83KB - Virtual size: 491KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 76KB - Virtual size: 75KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 83KB - Virtual size: 491KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 76KB - Virtual size: 75KB

.rsrc
Size: 512B - Virtual size: 4KB