JaffaCakes118_11f7c6e7363a4ae04e94413cab5841e7

General

Target

JaffaCakes118_11f7c6e7363a4ae04e94413cab5841e7
Size

171KB
MD5

11f7c6e7363a4ae04e94413cab5841e7
SHA1

96ce6b0878f37162df0266773154e8c7bdde1179
SHA256

4c0a068a433397c579cafa1ec221622d0168daed98ee4b61514c46bcdac3f942
SHA512

a92a51232e7f682bd808de0a7ac84fbc7bd7f510249067ee138ce4d803815f3e69dd64fdffd6e3180ecb4e461e036d23551c5067aaa418e596c065f4719d9125
SSDEEP

3072:kJWkNI8PM+RaFCD8Im7lVkl/I286gGpZaiOnuYalaY+bQuQwO1i0S2Zw6ykqKtH:S/XM+RwKZm7lVklw6gCZaJfa4YeQp7Mp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_11f7c6e7363a4ae04e94413cab5841e7

Files

JaffaCakes118_11f7c6e7363a4ae04e94413cab5841e7
.exe windows:4 windows x86 arch:x86

84d6fe29e9d5e0f4f20eed9f6ecd3e35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

lz32

LZClose
LZCopy
LZOpenFileA

advapi32

RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

kernel32

InitializeCriticalSection
CreateMutexA
GlobalFree
AddAtomW
SetFileAttributesA
CreateFileA
GetTempPathA
GetFileSize
GlobalLock
GetSystemTime
DeleteFileA
SetFilePointer
CreateDirectoryA
VirtualFree
GetSystemTimeAsFileTime
GetFileAttributesA
GetModuleFileNameA
InterlockedDecrement
CopyFileA
GetModuleFileNameW
DisableThreadLibraryCalls
MultiByteToWideChar
GetVersionExA
GetVolumeInformationA
lstrlenA
InterlockedIncrement
EnumResourceNamesA
LocalFree
Sleep
GetTempFileNameA
CheckNameLegalDOS8Dot3W
GetCurrentProcessId
CloseHandle
WaitForSingleObject
ReadFile
LocalAlloc
VirtualAlloc
WideCharToMultiByte
GlobalUnlock
QueryPerformanceCounter
GetCurrentThreadId
DeviceIoControl
GetTickCount
CreateFileW
GetLastError
ReleaseMutex
DeleteCriticalSection
FreeLibrary

Sections

.text
Size: 86KB - Virtual size: 482KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

84d6fe29e9d5e0f4f20eed9f6ecd3e35

Headers

File Characteristics

Imports

setupapi

lz32

advapi32

kernel32

Sections

.text Size: 86KB - Virtual size: 482KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 77KB - Virtual size: 77KB

.rsrc Size: 4KB - Virtual size: 76KB

.text
Size: 86KB - Virtual size: 482KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 4KB - Virtual size: 76KB