ec94347f0be1e864cc0ea3719f92b5e1_JaffaCakes118

General

Target

ec94347f0be1e864cc0ea3719f92b5e1_JaffaCakes118
Size

273KB
MD5

ec94347f0be1e864cc0ea3719f92b5e1
SHA1

0e9060f38158dd0a589d8f7dacc13a7c10b56edd
SHA256

05e8836d34169e1cf859097c55e9efbac6d18664cbf8fc84016998d0c18e7ce5
SHA512

179cf772f46362304794e7b0274478108342f10f1989bf26dcba8ba03eca6c259da069dd26e74123f80e42b0b9d8a0d194ad1d85216b7df390e7586266401299
SSDEEP

6144:o9sby61+x5HEEABc/h1ue70FOlKs/uoafxuUZpUi:1byuO5HE5Buc8KuuoEvJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec94347f0be1e864cc0ea3719f92b5e1_JaffaCakes118

Files

ec94347f0be1e864cc0ea3719f92b5e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

957ea005d604735596e4493a41ea64e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

MulDiv
GetTickCount
FindFirstFileA
GetStringTypeW
AddAtomA
ReadFile
GetFullPathNameA
FlushFileBuffers
lstrcmpiA
IsBadReadPtr
GetOEMCP
FreeEnvironmentStringsA
GetStringTypeA
LCMapStringA
UnhandledExceptionFilter
Sleep
lstrcatA
lstrcmpA
SetStdHandle
GetEnvironmentStringsW
LoadLibraryA
GetFileAttributesA
GetEnvironmentStrings
FreeEnvironmentStringsW
CloseHandle
GetThreadLocale
LCMapStringW
GetCPInfo
MultiByteToWideChar
InitializeCriticalSection
EnumResourceNamesW
FreeLibrary
SetUnhandledExceptionFilter
DeleteCriticalSection
GetLastError
lstrlenW
lstrcpynA
lstrlenA
EnterCriticalSection
GetStartupInfoA
GetModuleHandleA
lstrcpyA
WriteFile
VirtualProtect
CreateFileA
GetCurrentThreadId
IsBadCodePtr
SetFilePointer
GetDiskFreeSpaceA
LeaveCriticalSection
GetProcAddress
WideCharToMultiByte
RaiseException

setupapi

CM_Get_Global_State
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 136KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

957ea005d604735596e4493a41ea64e7

Headers

File Characteristics

Imports

kernel32

setupapi

Sections

.text Size: 136KB - Virtual size: 279KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 134KB - Virtual size: 133KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 136KB - Virtual size: 279KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 134KB - Virtual size: 133KB

.rsrc
Size: 512B - Virtual size: 4KB