d809c8711fc3d906b79a0d80e3b10461_JaffaCakes118

General

Target

d809c8711fc3d906b79a0d80e3b10461_JaffaCakes118
Size

167KB
MD5

d809c8711fc3d906b79a0d80e3b10461
SHA1

c9d5781376f572f7f0c06d6048bbeef76f853187
SHA256

93974daf245cf75829a16fd39adb7b8555ff9b319c07759c7393d4994e6a0168
SHA512

b14badbfb2fffcfc0e74ee7cd421ca01f4ddfd0e3431e544a12f63993474d803930cbbdd954f4c530be037278a424fd75f7387fac1a33f2dc9392c3f40535c61
SSDEEP

3072:lxOvJRcE0srzPNzoS0duNOx7ksl5oyAvEyIIWXIpRe6gta:IJRcsrezdu0x7km5oyAvEjxcgt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d809c8711fc3d906b79a0d80e3b10461_JaffaCakes118

Files

d809c8711fc3d906b79a0d80e3b10461_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ceda698041f5ae488c91400fe1d6a22b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

advapi32

RegDeleteKeyA
RegEnumKeyExA
RegQueryValueA
RegQueryValueExA
RegOpenKeyA
RegOpenKeyExA
RegEnumKeyA
RegCloseKey

lz32

LZCopy
LZClose
LZOpenFileA

kernel32

lstrlenA
QueryPerformanceCounter
GetModuleFileNameW
AddAtomW
GetTickCount
GetTempFileNameA
GetVersionExA
GlobalUnlock
LocalAlloc
InterlockedDecrement
GlobalLock
DeleteFileA
DeleteCriticalSection
CreateFileW
GetSystemTimeAsFileTime
GetCurrentProcessId
LocalFree
GetFileAttributesA
MultiByteToWideChar
SetFilePointer
DeviceIoControl
GetSystemTime
GetModuleFileNameA
SetFileAttributesA
GetVolumeInformationA
CloseHandle
EnumResourceNamesA
ReadFile
WaitForSingleObject
InterlockedIncrement
GetFileSize
VirtualFree
CheckNameLegalDOS8Dot3W
DisableThreadLibraryCalls
InitializeCriticalSection
Sleep
GetTempPathA
ReleaseMutex
WideCharToMultiByte
CreateDirectoryA
CreateFileA
GlobalFree
GetLastError
CreateMutexA
VirtualAlloc
GetCurrentThreadId
CopyFileA
FreeLibrary

Sections

.text
Size: 86KB - Virtual size: 482KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ceda698041f5ae488c91400fe1d6a22b

Headers

File Characteristics

Imports

setupapi

advapi32

lz32

kernel32

Sections

.text Size: 86KB - Virtual size: 482KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 77KB - Virtual size: 77KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 86KB - Virtual size: 482KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 512B - Virtual size: 4KB