e256c6ef381624ca2c8a54d2077b992e_JaffaCakes118

General

Target

e256c6ef381624ca2c8a54d2077b992e_JaffaCakes118
Size

185KB
MD5

e256c6ef381624ca2c8a54d2077b992e
SHA1

3f248507f466e55d17a3abd526aebe4c73b7f2a5
SHA256

bbfc072a3cc177fdebf6581af1d8fc04c06c2813e588bfb2c2c0dccec9074d0b
SHA512

e530924d0d8023c1a771f5155fcc833c18e68fe1f60f4aa997da37ce41a94ca6a958f28b99ea89c2664482954064eaf65d624d561e160222b9d2a06285f99c15
SSDEEP

3072:yhIqzvJ4ucAA410D5VtMjazg4+WSgKd1Kyt5utzBXeZvFE78PdvYnwwWzBbTlZ9:2RLJx1mNMjazgaK2Bd8VvYnww+BbTH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e256c6ef381624ca2c8a54d2077b992e_JaffaCakes118

Files

e256c6ef381624ca2c8a54d2077b992e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e0005513e1a01a5d7115301cd9078239

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

LCMapStringW
GetDiskFreeSpaceA
LCMapStringA
IsBadCodePtr
FreeEnvironmentStringsW
ReadFile
lstrlenA
LeaveCriticalSection
AddAtomA
lstrcpynA
GetStartupInfoA
GetTickCount
FlushFileBuffers
MulDiv
GetEnvironmentStrings
lstrcmpiA
LoadLibraryA
GetFileAttributesA
FreeLibrary
GetOEMCP
lstrcatA
CreateFileA
lstrcmpA
GetModuleHandleA
VirtualProtect
GetCPInfo
InitializeCriticalSection
SetUnhandledExceptionFilter
FindFirstFileA
EnumResourceNamesW
GetLastError
GetEnvironmentStringsW
lstrcpyA
CloseHandle
SetFilePointer
GetStringTypeA
GetCurrentThreadId
EnterCriticalSection
FreeEnvironmentStringsA
SetDllDirectoryW
UnhandledExceptionFilter
GetProcAddress
GetFullPathNameA
WriteFile
IsBadReadPtr
Sleep
GetThreadLocale
SetStdHandle
DeleteCriticalSection
WideCharToMultiByte
GetStringTypeW
MultiByteToWideChar
RaiseException

Sections

.text
Size: 95KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0005513e1a01a5d7115301cd9078239

Headers

File Characteristics

Imports

setupapi

kernel32

Sections

.text Size: 95KB - Virtual size: 243KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 86KB - Virtual size: 86KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 95KB - Virtual size: 243KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 86KB - Virtual size: 86KB

.rsrc
Size: 512B - Virtual size: 4KB