JaffaCakes118_7bd2de3934dceb13d3b2f17c2efde270

General

Target

JaffaCakes118_7bd2de3934dceb13d3b2f17c2efde270
Size

281KB
MD5

7bd2de3934dceb13d3b2f17c2efde270
SHA1

184f4640ffba68eba9374b431875091707a62135
SHA256

f77b4828c2bdf91fab75d3056d87c9ea768a7636b00e9af0d5aff8476bbed78e
SHA512

1bd089fd9a3134f0dc4ba9366d06f9fc357003e6ecd57eb8bca40ae04173d16dff5937e2e0a2c9baf391b0a62dd12785d4e8c435b197eb1175271b5897c2266d
SSDEEP

6144:nn2YLsMY8MP4ZHrgaSIaOEXVDY/L0Y//QctWKEP8go:294Z7Sb7X2/v//nmP8go

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7bd2de3934dceb13d3b2f17c2efde270

Files

JaffaCakes118_7bd2de3934dceb13d3b2f17c2efde270
.exe windows:4 windows x86 arch:x86

bb12d8d1d16953538e65fbde6cc5b878

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

SHGetFolderPathW

advapi32

ReportEventW
DeregisterEventSource
RegEnumKeyExW
SetServiceStatus
ControlService
DeleteService
CloseServiceHandle
OpenSCManagerW
RegisterEventSourceW
OpenServiceW
OpenProcessToken
OpenThreadToken
CreateServiceW

setupapi

CM_Get_Sibling
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

gdi32

DeleteObject

kernel32

SetPriorityClass
FindNextFileW
LeaveCriticalSection
GetProcAddress
FindAtomW
GetTickCount
GetExitCodeThread
CreateFileW
QueryPerformanceCounter
GetDriveTypeW
EnterCriticalSection
OutputDebugStringW
GetSystemTimeAsFileTime
GetCommandLineW
FindFirstFileW
ReleaseMutex
CreateDirectoryW
OpenThread
DeleteFileW
EnumResourceLanguagesW
ResumeThread
GetModuleHandleA
FindClose
DeviceIoControl
GetCurrentConsoleFont
LoadResource
CopyFileW
GetStartupInfoW
SetThreadPriority
GetCurrentProcessId
GetFileAttributesW
LoadLibraryExW
ExitProcess
FindResourceW

Sections

.text
Size: 146KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb12d8d1d16953538e65fbde6cc5b878

Headers

File Characteristics

Imports

shell32

advapi32

setupapi

gdi32

kernel32

Sections

.text Size: 146KB - Virtual size: 281KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 131KB - Virtual size: 131KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 146KB - Virtual size: 281KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 131KB - Virtual size: 131KB

.rsrc
Size: 512B - Virtual size: 4KB