JaffaCakes118_4a22e397c5f22fd5be3a3f50f1d67870

General

Target

JaffaCakes118_4a22e397c5f22fd5be3a3f50f1d67870
Size

188KB
MD5

4a22e397c5f22fd5be3a3f50f1d67870
SHA1

87f10d41f4f05bc2dd6c165748fb8281babbd658
SHA256

bcf161d989a1a814d952a056fc776b790bcc09b79db3f9125c2cb5e8226c264f
SHA512

07f153333de634c3119042d40af2b2fcd7a7eefa135f93e6e351905480b31da3accfcfeb4d9ec691086a93e6fa999a5b228676a251ca87df94551a6357d88060
SSDEEP

3072:plUp7HKMxS8hiVDebqyTq5HnkVX8YDq/lWn4hXRboojgzSt1jUm7VPfi:op7qJnDebqywEVXlgAKcokzGdU+hq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_4a22e397c5f22fd5be3a3f50f1d67870

Files

JaffaCakes118_4a22e397c5f22fd5be3a3f50f1d67870
.exe windows:4 windows x86 arch:x86

db9c353c09ccc7d67d30e4343e8b06dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FindAtomW
SetUnhandledExceptionFilter
IsWow64Process
UnmapViewOfFile
GetSystemTimeAsFileTime
GetLogicalDriveStringsW
GetFileSizeEx
FindNextFileW
ReleaseMutex
LoadLibraryW
WaitForSingleObject
OpenProcess
FindClose
EnumResourceLanguagesW
EncodePointer
MapViewOfFile
EnterCriticalSection
SetFileAttributesW
GetConsoleCursorMode
QueryDosDeviceW
QueryPerformanceCounter
Sleep
GetTickCount
InterlockedCompareExchange
UnhandledExceptionFilter
FindFirstFileW
CreateFileMappingW
CreateMutexW

setupapi

CM_Get_Sibling
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyA
CM_Get_DevNode_Status

advapi32

RegQueryValueExW
RegQueryInfoKeyW
RegEnumKeyW
RegEnumValueW
DecryptFileW
EncryptFileW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey

shlwapi

PathSkipRootW
PathIsUNCW
SHRegGetValueW
StrDupW
PathGetArgsW
PathFindFileNameW

Sections

.text
Size: 96KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db9c353c09ccc7d67d30e4343e8b06dd

Headers

File Characteristics

Imports

kernel32

setupapi

advapi32

shlwapi

Sections

.text Size: 96KB - Virtual size: 235KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 89KB - Virtual size: 88KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 96KB - Virtual size: 235KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 89KB - Virtual size: 88KB

.rsrc
Size: 1024B - Virtual size: 4KB