078cf928167301554726a6af8f53d082_JaffaCakes118

General

Target

078cf928167301554726a6af8f53d082_JaffaCakes118
Size

275KB
MD5

078cf928167301554726a6af8f53d082
SHA1

d36e949908407dd7cadef0c0167b377321e337b0
SHA256

f1b6e11622a33f734bd008dd1502b94404eff6bba304a316c42bac7156e12264
SHA512

fd2acd9d7d66cf9771289955d3435203c7ef103bfea25b7a10a9aa93b2012ec0538ae9777800c40282e9a7b43484c3619def237bad4469015f1f19704ac33a5d
SSDEEP

6144:AB/ImQ7AKAiBmU9fvIJw5Gle2rRBL8+bw+MH:y/IUChNwJbe2rRZ8+LM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
078cf928167301554726a6af8f53d082_JaffaCakes118

Files

078cf928167301554726a6af8f53d082_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6430980e9667773f13034fec183a2d31

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

setupapi

CM_Get_Global_State
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

GetStartupInfoA
GetOEMCP
AddAtomA
EnterCriticalSection
FreeEnvironmentStringsA
GetCurrentThreadId
InitializeCriticalSection
GetFileAttributesA
UnhandledExceptionFilter
FreeEnvironmentStringsW
Sleep
CreateFileA
LCMapStringW
GetProcAddress
GetModuleHandleA
DeleteCriticalSection
MultiByteToWideChar
LoadLibraryA
lstrcmpA
FreeLibrary
MulDiv
SetFilePointer
lstrcpynA
WriteFile
GetLastError
EnumResourceNamesW
FlushFileBuffers
CloseHandle
GetEnvironmentStringsW
SetUnhandledExceptionFilter
ReadFile
VirtualProtect
lstrlenA
GetThreadLocale
lstrlenW
IsBadReadPtr
lstrcatA
SetStdHandle
GetEnvironmentStrings
FindFirstFileA
GetDiskFreeSpaceA
GetTickCount
GetFullPathNameA
GetStringTypeW
lstrcmpiA
IsBadCodePtr
LCMapStringA
GetStringTypeA
WideCharToMultiByte
GetCPInfo
LeaveCriticalSection
lstrcpyA
RaiseException

Sections

.text
Size: 144KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6430980e9667773f13034fec183a2d31

Headers

File Characteristics

Imports

setupapi

kernel32

Sections

.text Size: 144KB - Virtual size: 287KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 127KB - Virtual size: 127KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 144KB - Virtual size: 287KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 127KB - Virtual size: 127KB

.rsrc
Size: 512B - Virtual size: 4KB