dbc8bb25294d95c5409e4dcbb7c72f75_JaffaCakes118

General

Target

dbc8bb25294d95c5409e4dcbb7c72f75_JaffaCakes118
Size

278KB
MD5

dbc8bb25294d95c5409e4dcbb7c72f75
SHA1

87c29fe989c2b42e2b118f72c75a08181d7f3ca1
SHA256

5b9f151e306da0fb6900968c6463a6520a29ccc0dae46e5e37d27799438fe74b
SHA512

7b31ad967cee624edb9a3449d8df8b80e3c59a4e32b9fc1276467c272a167006e145498badf7df29aea1d573395c5ae2ddcc71e5a8e1ff2a565173ba571de6a0
SSDEEP

6144:pkRg46xNkBcJ78+iTl6c8qJ4b5xVl4cahH7ZxQLTSb7wNfA6YrpW:5HkSYbqzVl4dH7ZxcLNY6YU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbc8bb25294d95c5409e4dcbb7c72f75_JaffaCakes118

Files

dbc8bb25294d95c5409e4dcbb7c72f75_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5fea6ee1f3718a0387ce64f0faabbd7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
CreateDirectoryA
GlobalUnlock
CopyFileA
QueryPerformanceCounter
GetSystemTimeAsFileTime
MultiByteToWideChar
AddAtomW
lstrlenA
GetSystemTime
GetTempFileNameA
SetFilePointer
VirtualAlloc
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
DeviceIoControl
CreateMutexA
GetModuleFileNameA
CloseHandle
LocalAlloc
GlobalFree
CreateFileA
GetCurrentProcessId
VirtualFree
InitializeCriticalSection
GetLastError
Sleep
EnumResourceNamesA
DisableThreadLibraryCalls
GetVolumeInformationA
GlobalLock
CheckNameLegalDOS8Dot3W
GetVersionExA
SetFileAttributesA
WaitForSingleObject
DeleteFileA
LocalFree
ReleaseMutex
GetFileAttributesA
WideCharToMultiByte
GetCurrentThreadId
CreateFileW
GetFileSize
GetModuleFileNameW
GetTickCount
GetTempPathA
FreeLibrary

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

advapi32

RegEnumKeyA
RegEnumKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegQueryValueExA
RegQueryValueA
RegOpenKeyA
RegCloseKey

lz32

LZClose
LZCopy
LZOpenFileA

Sections

.text
Size: 146KB - Virtual size: 277KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fea6ee1f3718a0387ce64f0faabbd7f

Headers

File Characteristics

Imports

kernel32

setupapi

advapi32

lz32

Sections

.text Size: 146KB - Virtual size: 277KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 129KB - Virtual size: 128KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 146KB - Virtual size: 277KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 129KB - Virtual size: 128KB

.rsrc
Size: 512B - Virtual size: 4KB