JaffaCakes118_60a3a4d138d7c89753847d6ba316ef04

General

Target

JaffaCakes118_60a3a4d138d7c89753847d6ba316ef04
Size

279KB
MD5

60a3a4d138d7c89753847d6ba316ef04
SHA1

6b8fb875631fb450859d21cccfe86d344186b596
SHA256

34c4b2637bf186e4d20274c41832b7ccaf7afcbd6b5076a7469f4d7d86ce72b4
SHA512

3aeee1d92a5b66de5ba700ea8e17f80045916ad79cef0fde4c181c7422df7b807e81efde2b3ca6b19b536036c450a38e1e6ff9569afad40c6631f385c5d51cb5
SSDEEP

6144:t1GI98kj0iUHA5Q3w8fZjzIFd5evrLrO268UDA6Fjhxt7:aI301HR1g4DO26t3txt7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_60a3a4d138d7c89753847d6ba316ef04

Files

JaffaCakes118_60a3a4d138d7c89753847d6ba316ef04
.exe windows:4 windows x86 arch:x86

950a895c07b9f5dbc913a48f25fbf332

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

SHGetFolderPathW

kernel32

ReleaseMutex
GetCommandLineW
LoadLibraryExW
OutputDebugStringW
CreateDirectoryW
FindAtomW
GetTickCount
EnterCriticalSection
GetExitCodeThread
GetStartupInfoW
CopyFileW
OpenThread
GetProcAddress
GetDriveTypeW
LoadResource
DeleteFileW
FindClose
GetCurrentProcessId
SetPriorityClass
EnumResourceLanguagesW
DeviceIoControl
FindFirstFileW
GetCurrentConsoleFont
FindNextFileW
GetFileAttributesW
ExitProcess
LeaveCriticalSection
QueryPerformanceCounter
GetModuleHandleA
GetSystemTimeAsFileTime
ResumeThread
SetThreadPriority
CreateFileW
FindResourceW

setupapi

CM_Get_Sibling
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

gdi32

DeleteObject

advapi32

RegisterEventSourceW
ControlService
OpenSCManagerW
CloseServiceHandle
OpenServiceW
ReportEventW
OpenProcessToken
DeleteService
SetServiceStatus
RegEnumKeyExW
DeregisterEventSource
OpenThreadToken
CreateServiceW

Sections

.text
Size: 135KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

950a895c07b9f5dbc913a48f25fbf332

Headers

File Characteristics

Imports

shell32

kernel32

setupapi

gdi32

advapi32

Sections

.text Size: 135KB - Virtual size: 275KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 140KB - Virtual size: 139KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 135KB - Virtual size: 275KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 140KB - Virtual size: 139KB

.rsrc
Size: 512B - Virtual size: 4KB