dd1f802704cc6deb4d9ac53b30a8f4bf_JaffaCakes118

General

Target

dd1f802704cc6deb4d9ac53b30a8f4bf_JaffaCakes118
Size

279KB
MD5

dd1f802704cc6deb4d9ac53b30a8f4bf
SHA1

1450e109981b932419d29400f463a1c290603315
SHA256

a22abfa8ad0e81ff246034bf64cb5454fffe7aa551d87dd09b3ea9a25b5c9867
SHA512

564f5e20e476f355b67534dda261fb63babf93b05a0243210830af17a9c6bfa1774c237c16a27eac8df76ecce65da28944477f4efe9c410e0a2dc228a0102036
SSDEEP

6144:CbGEHVD7OTfNCm8aO15+494kGGn4tAPsU3rFpiAQUzs:Ov1DY815+4ykDU2HiAjY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd1f802704cc6deb4d9ac53b30a8f4bf_JaffaCakes118

Files

dd1f802704cc6deb4d9ac53b30a8f4bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5c20e1bc98826357f8e69f16e8b6a3ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetStartupInfoA
AddAtomW
GetOEMCP
TerminateProcess
WideCharToMultiByte
LCMapStringW
GetStringTypeA
WriteFile
FindFirstFileA
GetStdHandle
GetEnvironmentStringsW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
GetFullPathNameA
GetACP
FlushFileBuffers
GetStringTypeW
SetStdHandle
HeapSize
EnumResourceNamesA
IsBadCodePtr
GetModuleFileNameA
ReadFile
TlsGetValue
GetCurrentProcess
CreateFileA
GetFileType
GetEnvironmentStrings
GetLocaleInfoA
GetThreadLocale
SetFilePointer
WriteFileGather
GetCPInfo
IsBadReadPtr
LCMapStringA
VirtualProtect
GetVersionExA
UnhandledExceptionFilter
SetHandleCount
TlsSetValue
GetDiskFreeSpaceA

advapi32

RegQueryValueA
RegEnumKeyA
RegEnumKeyExA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegCloseKey

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

lz32

LZClose
LZCopy
LZOpenFileA

Sections

.text
Size: 144KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c20e1bc98826357f8e69f16e8b6a3ba

Headers

File Characteristics

Imports

kernel32

advapi32

setupapi

lz32

Sections

.text Size: 144KB - Virtual size: 272KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 132KB - Virtual size: 132KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 144KB - Virtual size: 272KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 132KB - Virtual size: 132KB

.rsrc
Size: 512B - Virtual size: 4KB