JaffaCakes118_25a1d513256a4c22796c8757b498526b

General

Target

JaffaCakes118_25a1d513256a4c22796c8757b498526b
Size

176KB
MD5

25a1d513256a4c22796c8757b498526b
SHA1

106854a11fb6694197cb41140b0d235511194d0d
SHA256

ab30a0ba23aa61cfcefa3c86b23d84b5a09be3d2920875f912ac7b64fcfe2324
SHA512

9e2f1353b2c049be39006a11105648e20c1b9a75714cfe2bddfdf9db9cb5e655595740bdb483515667c64adedab85e9170a57c584f1a1321b50e7726074e2c40
SSDEEP

3072:IuFXluw8oIUbF6iYhSd083SmFha/MnUXM6mGemNbdHumbfEFJgWR564p+C:7Nl4oI7ZP8j6/G3pZmNbdLfEFJfC4D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_25a1d513256a4c22796c8757b498526b

Files

JaffaCakes118_25a1d513256a4c22796c8757b498526b
.exe windows:4 windows x86 arch:x86

3e48745b02eab3dd0551a70a22188824

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegSetValueExW

kernel32

lstrcpyA
GetLastError
lstrcpyA
FindClose
OutputDebugStringW
GetProcessId
InitializeCriticalSection
GlobalFree
LockResource
WideCharToMultiByte
GetCPInfo
CreateFileMappingW
EnumResourceNamesW
GetTickCount
GetACP
lstrcpyW
lstrlenW
FreeEnvironmentStringsW
GlobalAlloc
lstrcmpiW
MultiByteToWideChar
GetModuleHandleW

ole32

CoInitialize
StringFromGUID2
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoUninitialize
CoCreateInstance
CoTaskMemFree
CoRegisterClassObject
StringFromCLSID

user32

SetTimer
DispatchMessageW
TranslateMessage
GetMessageW
CharUpperW
wsprintfW
CharNextW
GetDC
SendMessageA
PostThreadMessageW
KillTimer
UnregisterClassA

shlwapi

PathCombineW
PathFileExistsW

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e48745b02eab3dd0551a70a22188824

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

user32

shlwapi

oleacc

Sections

.text Size: 110KB - Virtual size: 110KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 61KB - Virtual size: 61KB

.isete Size: 1024B - Virtual size: 116KB

.text
Size: 110KB - Virtual size: 110KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 61KB - Virtual size: 61KB

.isete
Size: 1024B - Virtual size: 116KB