JaffaCakes118_570c4f83de6b15683d8bcc40565a7e9a

General

Target

JaffaCakes118_570c4f83de6b15683d8bcc40565a7e9a
Size

173KB
MD5

570c4f83de6b15683d8bcc40565a7e9a
SHA1

e4bc20440392cf90dd51d6e949baf753e886ab08
SHA256

7286f56b607b60fbaf5ad8d1e6809425646c639e417e91fa3fc1930cfe12efd8
SHA512

89d3e1535d0606cb1f76499d3c38a90c33485c5db676e2c23b8a13ee160b2da3e23baed01dc205b17cf811e8404f83aced9f3d48b3dcf4869c665062d27d39b2
SSDEEP

3072:OuTCZs9t9TIcRILdMRdMlS/zVSigDJ34j9EmEu3J1o2Xcf6:OsCa9PIcRsMRdOS7QiU4JBJFN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_570c4f83de6b15683d8bcc40565a7e9a

Files

JaffaCakes118_570c4f83de6b15683d8bcc40565a7e9a
.exe windows:4 windows x86 arch:x86

3fdc876b138f738764042689797aa755

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

MapViewOfFile
FindAtomW
SetUnhandledExceptionFilter
QueryPerformanceCounter
QueryDosDeviceW
FindClose
OpenProcess
ReleaseMutex
UnmapViewOfFile
GetTickCount
InterlockedCompareExchange
GetSystemTimeAsFileTime
Sleep
EnumResourceLanguagesW
LoadLibraryW
GetFileSizeEx
EncodePointer
FindNextFileW
FindFirstFileW
GetConsoleCursorMode
GetLogicalDriveStringsW
SetFileAttributesW
CreateFileMappingW
UnhandledExceptionFilter
WaitForSingleObject
EnterCriticalSection
IsWow64Process
CreateMutexW

shlwapi

PathGetArgsW
SHRegGetValueW
PathIsUNCW
PathSkipRootW
StrDupW
PathFindFileNameW

advapi32

EncryptFileW
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyW
RegQueryInfoKeyW
RegEnumValueW
DecryptFileW
RegCloseKey

setupapi

CM_Get_Sibling
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 91KB - Virtual size: 487KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3fdc876b138f738764042689797aa755

Headers

File Characteristics

Imports

kernel32

shlwapi

advapi32

setupapi

Sections

.text Size: 91KB - Virtual size: 487KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 78KB - Virtual size: 77KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 91KB - Virtual size: 487KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 78KB - Virtual size: 77KB

.rsrc
Size: 1024B - Virtual size: 4KB