02b8362566223aa72bf45abc57f12d1a_JaffaCakes118

General

Target

02b8362566223aa72bf45abc57f12d1a_JaffaCakes118
Size

189KB
MD5

02b8362566223aa72bf45abc57f12d1a
SHA1

07986eaad143aaa1c53c136e0ad300878bed5797
SHA256

74852db8e368c2f2771c3fb3c07f6943f148c84657b1d59016ea84879a6d7253
SHA512

f41add128f6e2b020704586616e29e6ddc1d9e58a8a4da28b4b0884ce6d344ddc8ae47aebfdd086128bac42d0f90a5d20d109971ae161c0dd4c4d3aae55aba58
SSDEEP

3072:lDwY64OgNK/b7x6a260vXovKSPqt5jGUEUHJsXmqcgjivJab659B6XNK:lgok/Px6aqXoZCtQUEUpshcgjiUm5qX8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02b8362566223aa72bf45abc57f12d1a_JaffaCakes118

Files

02b8362566223aa72bf45abc57f12d1a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc7537ce6cfe84d71c1c61d6f818af79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA
wsprintfW

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

kernel32

InterlockedDecrement
GetProcAddress
IsBadReadPtr
GetShortPathNameW
lstrlenW
GetThreadLocale
LeaveCriticalSection
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
lstrlenA
GetProcessTimes
GetModuleHandleA
InterlockedExchange
CloseHandle
GetACP
FreeLibrary
EnumResourceTypesA
CreateFileA
LocalFree
InitializeCriticalSection
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetFileAttributesA
GetCurrentThreadId
GetLocaleInfoA
GetTickCount
LoadLibraryA
IsBadWritePtr
GetLastError
GetCurrentProcessId
DeleteCriticalSection
EnterCriticalSection
SetUnhandledExceptionFilter
QueryPerformanceCounter
IsDebuggerPresent
InterlockedIncrement
GetVersionExA

advapi32

RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA

ole32

StgCreateDocfile
StgOpenStorage

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc7537ce6cfe84d71c1c61d6f818af79

Headers

File Characteristics

Imports

user32

setupapi

kernel32

advapi32

ole32

shell32

Sections

.text Size: 106KB - Virtual size: 105KB

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: 79KB - Virtual size: 78KB

.edata Size: 1024B - Virtual size: 116KB

.text
Size: 106KB - Virtual size: 105KB

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: 79KB - Virtual size: 78KB

.edata
Size: 1024B - Virtual size: 116KB