JaffaCakes118_0ec4d8770f84e5be90f352e0910625bd

General

Target

JaffaCakes118_0ec4d8770f84e5be90f352e0910625bd
Size

276KB
MD5

0ec4d8770f84e5be90f352e0910625bd
SHA1

4cec9a115c523d01fd75efb463dd8dae459c61bb
SHA256

2903bc0712af918391f81c64d2b6af36479979043aa487c91d0786a6eace9142
SHA512

f9e59f9f87cadb54d1882ae1e2c196007e13f00319d1cc01d2e6ce9e30e58e65f25596a71b3be611e23ce4c38014aeea14d9a998e9dbf67be6344606f4f93eea
SSDEEP

6144:FxVdGcywMRU9n7WKccpZQoYeGvdgLE6791I9NQdku:FxVdcbOR7WK7jB2Sf7918NQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_0ec4d8770f84e5be90f352e0910625bd

Files

JaffaCakes118_0ec4d8770f84e5be90f352e0910625bd
.exe windows:4 windows x86 arch:x86

b3c745c4e179fb94b3f5f21dc1db630b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconA

comdlg32

ChooseFontA
GetOpenFileNameA

gdi32

CreateFontIndirectA

shlwapi

PathAddBackslashA

advapi32

RegCloseKey
RegCreateKeyA
RegDeleteKeyA
RegEnumValueA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueExA

ole32

CoCreateInstance
CLSIDFromString
CoTaskMemFree
StgCreateDocfile

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

AddAtomA
InterlockedIncrement
GetStringTypeW
GetCurrentProcess
GetCurrentThreadId
IsBadCodePtr
DeleteCriticalSection
FlushFileBuffers
HeapAlloc
GetCurrentProcessId
GetLastError
GetStringTypeA
GetSystemTimeAsFileTime
EnterCriticalSection
GetModuleHandleA
SetFilePointer
EnumResourceNamesA
IsDBCSLeadByteEx
FlushInstructionCache
LCMapStringA
SetStdHandle
IsBadReadPtr
CloseHandle
LoadLibraryExA
RaiseException
InterlockedDecrement
InitializeCriticalSection
LCMapStringW
LeaveCriticalSection
SizeofResource

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3c745c4e179fb94b3f5f21dc1db630b

Headers

File Characteristics

Imports

shell32

comdlg32

gdi32

shlwapi

advapi32

ole32

setupapi

kernel32

Sections

.text Size: 141KB - Virtual size: 141KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 130KB - Virtual size: 130KB

.reloc Size: 1024B - Virtual size: 392KB

.text
Size: 141KB - Virtual size: 141KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 130KB - Virtual size: 130KB

.reloc
Size: 1024B - Virtual size: 392KB