62f840f78a53bf7f553bc247602df995_JaffaCakes118

General

Target

62f840f78a53bf7f553bc247602df995_JaffaCakes118
Size

185KB
MD5

62f840f78a53bf7f553bc247602df995
SHA1

64167d77ee99372d18c1157e1a066310e4735606
SHA256

1675ba6298bab30ee09423eaa7681ee9af38578a779b269f7310abd023b849f4
SHA512

edba2d8aeebdb4d1faaed5ad3da6cd5ef84a0a33d9732ec1be9cb94e2941831fb8e9cfd362dac7aa6b2e6fcf13b6b3aa50f382e58da59d0c4ab1f7975fdaa274
SSDEEP

3072:CRN1haugMpbDTjYNHGjYNhNR4P4Fs+iZ0OyMhsqklXlVdqdgL30Cx5d:yN1hLx74sYNhNR+4biZ0BqklTF30o5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62f840f78a53bf7f553bc247602df995_JaffaCakes118

Files

62f840f78a53bf7f553bc247602df995_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b69202aa9a944431ce13700fb11d25e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

setupapi

CM_Get_Sibling
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyA
CM_Get_DevNode_Status

advapi32

OpenServiceW
RegisterEventSourceW
OpenProcessToken
CloseServiceHandle
SetServiceStatus
OpenSCManagerW
RegEnumKeyExW
OpenThreadToken
DeregisterEventSource
ReportEventW
ControlService
DeleteService
CreateServiceW

gdi32

DeleteObject

kernel32

FindAtomW
LoadLibraryExW
GetCommandLineW
LoadResource
GetCurrentProcessId
GetProcAddress
SetThreadPriority
ReleaseMutex
DeviceIoControl
EnterCriticalSection
GetFileAttributesW
DeleteFileW
GetSystemTimeAsFileTime
SetPriorityClass
EnumResourceLanguagesW
LeaveCriticalSection
CreateFileW
CopyFileW
FindFirstFileW
OpenThread
GetExitCodeThread
OutputDebugStringW
QueryPerformanceCounter
GetConsoleCommandHistoryW
CreateDirectoryW
GetTickCount
ExitProcess
GetModuleHandleA
FindNextFileW
GetStartupInfoW
GetDriveTypeW
ResumeThread
FindClose
FindResourceW

Sections

.text
Size: 96KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b69202aa9a944431ce13700fb11d25e2

Headers

File Characteristics

Imports

setupapi

advapi32

gdi32

kernel32

Sections

.text Size: 96KB - Virtual size: 239KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 85KB - Virtual size: 85KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 96KB - Virtual size: 239KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 85KB - Virtual size: 85KB

.rsrc
Size: 512B - Virtual size: 4KB