4290f3e9d96af353efe816947867422f_JaffaCakes118

General

Target

4290f3e9d96af353efe816947867422f_JaffaCakes118
Size

171KB
MD5

4290f3e9d96af353efe816947867422f
SHA1

8be9065e8714ca530428421c0a2c6b328cafec6a
SHA256

2e8d36ee6ff65438b4e4e12eb7c1bdc682f0dfccb6412102398ab5b3c0273a3c
SHA512

1de0d1ddd1a4a59398d9b638f7c3936a54ce8f8fa1e09c68b4a0e65bcd38be3371bb0481878f409a0347b956a0dcd69aa8bdf772485dad1aee3577c8f9b161af
SSDEEP

3072:8ajOlM+T7NYHXdkyrmmSngJFc6nDGKwoUaa/eHBJY6tMu:8ajtaeiyrADGDGwUh/Ss6t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4290f3e9d96af353efe816947867422f_JaffaCakes118

Files

4290f3e9d96af353efe816947867422f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

154f8828b6a634ca16af9918079e92be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
CreateFileA
GetFullPathNameA
GetOEMCP
FreeEnvironmentStringsA
DeleteCriticalSection
GetDiskFreeSpaceA
GetLastError
lstrlenA
AddAtomA
lstrcpynA
ReadFile
FindFirstFileA
GetStartupInfoA
GetThreadLocale
GetModuleHandleA
LoadLibraryA
FlushFileBuffers
GetTickCount
Sleep
WriteFile
WideCharToMultiByte
MulDiv
IsBadCodePtr
InitializeCriticalSection
SetFilePointer
LCMapStringW
SetUnhandledExceptionFilter
lstrcmpA
UnhandledExceptionFilter
VirtualProtect
EnumResourceNamesW
lstrcmpiA
FreeEnvironmentStringsW
SetStdHandle
GetFileAttributesA
IsBadReadPtr
SetDllDirectoryW
GetProcAddress
CloseHandle
lstrcpyA
EnterCriticalSection
GetStringTypeA
FreeLibrary
GetStringTypeW
GetEnvironmentStringsW
GetCPInfo
GetCurrentThreadId
GetEnvironmentStrings
MultiByteToWideChar
LeaveCriticalSection
LCMapStringA
RaiseException

setupapi

CM_Get_Child
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 94KB - Virtual size: 490KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

154f8828b6a634ca16af9918079e92be

Headers

File Characteristics

Imports

kernel32

setupapi

Sections

.text Size: 94KB - Virtual size: 490KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 73KB - Virtual size: 73KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 94KB - Virtual size: 490KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 73KB - Virtual size: 73KB

.rsrc
Size: 512B - Virtual size: 4KB