392f7ca54d61a6584b8579defa943cdf_JaffaCakes118

General

Target

392f7ca54d61a6584b8579defa943cdf_JaffaCakes118
Size

279KB
MD5

392f7ca54d61a6584b8579defa943cdf
SHA1

a9c6ce4a9667f2806bd9288d42fa418cac7d6322
SHA256

efa8e239bf7f6b5c6292e49688b02614365d416ca38b7479a00fc8d48cfa5cd7
SHA512

a1c9b7aceb9f4e6b1c1b8d17e20887802312ec476ef70ef7a5f603daca0f56d01fad867ead92498f0638ad799232fb8209f9a3c1bfba0073481655077146bb46
SSDEEP

6144:e0DeWKZ0wKBXd15UbCeN8gMJ6t76E5vZ+Jkd2EQp:vD4S1Bni6SZhS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
392f7ca54d61a6584b8579defa943cdf_JaffaCakes118

Files

392f7ca54d61a6584b8579defa943cdf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2169255a0fcdc5caad7ba3a8bdc2311b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
GlobalUnlock
AddAtomW
GetCurrentThreadId
CreateFileA
GetLastError
GetModuleFileNameA
GetSystemTimeAsFileTime
CopyFileA
SetFileAttributesA
VirtualAlloc
GetTickCount
DisableThreadLibraryCalls
GetTempFileNameA
GetVersionExA
VirtualFree
WideCharToMultiByte
Sleep
LocalFree
GetTempPathA
InitializeCriticalSection
GetSystemTime
LocalAlloc
GetVolumeInformationA
WaitForSingleObject
DeleteFileA
GetCurrentProcessId
QueryPerformanceCounter
EnumResourceNamesA
CheckNameLegalDOS8Dot3W
lstrlenA
CloseHandle
GlobalFree
SetFilePointer
ReleaseMutex
GetModuleFileNameW
ReadFile
CreateDirectoryA
CreateFileW
CreateMutexA
DeleteCriticalSection
GetFileAttributesA
DeviceIoControl
InterlockedDecrement
MultiByteToWideChar
GetFileSize
GlobalLock
FreeLibrary

advapi32

RegOpenKeyA
RegQueryValueExA
RegEnumKeyExA
RegEnumKeyA
RegOpenKeyExA
RegQueryValueA
RegDeleteKeyA
RegCloseKey

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

lz32

LZCopy
LZClose
LZOpenFileA

Sections

.text
Size: 150KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2169255a0fcdc5caad7ba3a8bdc2311b

Headers

File Characteristics

Imports

kernel32

advapi32

setupapi

lz32

Sections

.text Size: 150KB - Virtual size: 281KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 125KB - Virtual size: 125KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 150KB - Virtual size: 281KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 125KB - Virtual size: 125KB

.rsrc
Size: 512B - Virtual size: 4KB