ec477414a41353fe0ef989b49ee5601b_JaffaCakes118

General

Target

ec477414a41353fe0ef989b49ee5601b_JaffaCakes118
Size

169KB
MD5

ec477414a41353fe0ef989b49ee5601b
SHA1

7e05292993ffe029a5642cc1b26cd7a0eeaa9c9e
SHA256

c9375aa7c4ba5f8dea24a40a4dd67e7ffb232f08d63e05c4044b862ced5251c3
SHA512

645702e775923febe5001eb18954efc76d7b7360107687922f690713f31c8549989d9243cbeb64b4a849849f64103db86300446d4e74c04ddecb985c6df3bd65
SSDEEP

3072:CY1hC/qJjfzN3vb67yN4RpKcZRhBDBRA5bQHACbpb8MO99R/P9NkPOd3MOYs:CYSyh53PNaPZR4VS98bnEPOd3M4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec477414a41353fe0ef989b49ee5601b_JaffaCakes118

Files

ec477414a41353fe0ef989b49ee5601b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb7cf323416ce8d64af2c1a7859fd956

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Global_State
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

GetCPInfo
ReadFile
LCMapStringW
VirtualProtect
lstrcpyA
SetStdHandle
EnterCriticalSection
AddAtomA
lstrcmpA
IsBadReadPtr
GetOEMCP
InitializeCriticalSection
GetStringTypeA
SetUnhandledExceptionFilter
IsBadCodePtr
UnhandledExceptionFilter
CreateFileA
lstrlenA
FlushFileBuffers
LeaveCriticalSection
FreeEnvironmentStringsA
CloseHandle
MulDiv
GetTickCount
LoadLibraryA
GetEnvironmentStrings
GetCurrentThreadId
EnumResourceNamesW
DeleteCriticalSection
WriteFile
GetEnvironmentStringsW
SetFilePointer
GetDiskFreeSpaceA
lstrlenW
GetFileAttributesA
LCMapStringA
FreeEnvironmentStringsW
lstrcpynA
GetStringTypeW
FreeLibrary
MultiByteToWideChar
lstrcmpiA
Sleep
lstrcatA
GetThreadLocale
GetLastError
GetFullPathNameA
FindFirstFileA
GetProcAddress
WideCharToMultiByte
GetModuleHandleA
GetStartupInfoA
RaiseException

Sections

.text
Size: 88KB - Virtual size: 487KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb7cf323416ce8d64af2c1a7859fd956

Headers

File Characteristics

Imports

setupapi

kernel32

Sections

.text Size: 88KB - Virtual size: 487KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 77KB - Virtual size: 77KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 88KB - Virtual size: 487KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 512B - Virtual size: 4KB