d5284ab1af003d9f2a34c1279c06dafe_JaffaCakes118

General

Target

d5284ab1af003d9f2a34c1279c06dafe_JaffaCakes118
Size

172KB
MD5

d5284ab1af003d9f2a34c1279c06dafe
SHA1

633ec406ffaccf21a94d9e13200106d8a19a7658
SHA256

42eafbd6c7be0dca12e0dbb2691010c9570983846e046f0617be49710b12ed8e
SHA512

c70d427b21557832e4705eece34a7aa6b9e091b5b575b883bd954c0263de61cde4a5f3cc11e2c2f5c431bfc405e777afb3fdb58c3a9c77d25031e7e5b6802db5
SSDEEP

3072:fYynmP47+9WXyb2R7eO9Y1n9Oc9s/i5a4WgDRVYTV5bBc+dMOb95:hk0iesnkce/i+gDITV5bPdRb95

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5284ab1af003d9f2a34c1279c06dafe_JaffaCakes118

Files

d5284ab1af003d9f2a34c1279c06dafe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dfb9eb056bd7d055e4d2d271d5ee2dc3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashA

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

ole32

CLSIDFromString
CoCreateInstance
CoTaskMemFree
StgCreateDocfile

kernel32

CloseHandle
GetCurrentProcessId
AddAtomA
IsBadCodePtr
GetStringTypeW
GetSystemTimeAsFileTime
GetStringTypeA
FlushFileBuffers
InterlockedDecrement
GetLastError
InterlockedIncrement
HeapAlloc
LCMapStringW
GetModuleHandleA
LoadLibraryExA
GetCurrentProcess
EnumResourceNamesA
IsDBCSLeadByteEx
SetStdHandle
RaiseException
LCMapStringA
IsBadReadPtr
LeaveCriticalSection
GetCurrentThreadId
EnterCriticalSection
DeleteCriticalSection
SetFilePointer
FlushInstructionCache
InitializeCriticalSection
SizeofResource

comdlg32

ChooseFontA
GetOpenFileNameA

gdi32

CreateFontIndirectA

advapi32

RegSetValueExA
RegEnumValueA
RegCreateKeyA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA

shell32

Shell_NotifyIconA

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dfb9eb056bd7d055e4d2d271d5ee2dc3

Headers

File Characteristics

Imports

shlwapi

setupapi

ole32

kernel32

comdlg32

gdi32

advapi32

shell32

Sections

.text Size: 91KB - Virtual size: 90KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 77KB - Virtual size: 76KB

.reloc Size: 1024B - Virtual size: 124KB

.text
Size: 91KB - Virtual size: 90KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 77KB - Virtual size: 76KB

.reloc
Size: 1024B - Virtual size: 124KB