JaffaCakes118_25b9c5483f15027fec145650626285e3

General

Target

JaffaCakes118_25b9c5483f15027fec145650626285e3
Size

187KB
MD5

25b9c5483f15027fec145650626285e3
SHA1

39da845eba17cf2eac66f18ed1758e07d3c5b654
SHA256

262949f4500b96fff15538b0686879572cb536025244eead92c8cf7d0501a100
SHA512

5b5c4d80608cd4a8204c585b5f04d00694f4de669b77c982e8979bf55ea5f93a08d90a7729116e12b074a5dbd7bb67e3aa0a36bda8c58df5f28d960f499ea346
SSDEEP

3072:rV0ZL6tCiE9wWR0piinsC58e6cCWYiieBO2AcpBx+dj63r0PKlq/MiokM5Gh:rztCiEis28zAYiFBOJ9du3r2ykMk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_25b9c5483f15027fec145650626285e3

Files

JaffaCakes118_25b9c5483f15027fec145650626285e3
.exe windows:4 windows x86 arch:x86

1234ab889863b15f00ab77a8857693fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyExA
RegCreateKeyA
RegDeleteKeyA
RegEnumValueA
RegSetValueExA
RegQueryInfoKeyA
RegCloseKey
RegQueryValueExA

shlwapi

PathAddBackslashA

comdlg32

ChooseFontA
GetOpenFileNameA

shell32

Shell_NotifyIconA

kernel32

GetLastError
LCMapStringW
FlushFileBuffers
AddAtomA
DeleteCriticalSection
GetCurrentProcess
GetCurrentProcessId
InterlockedDecrement
SetFilePointer
SetStdHandle
IsBadCodePtr
LoadLibraryExA
CloseHandle
FlushInstructionCache
GetStringTypeA
LCMapStringA
EnumResourceNamesA
EnterCriticalSection
GetCurrentThreadId
InitializeCriticalSection
GetModuleHandleA
IsDBCSLeadByteEx
GetStringTypeW
InterlockedIncrement
HeapAlloc
IsBadReadPtr
GetSystemTimeAsFileTime
LeaveCriticalSection
RaiseException
SizeofResource

ole32

CLSIDFromString
CoTaskMemFree
CoCreateInstance
StgCreateDocfile

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

gdi32

CreateFontIndirectA

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1234ab889863b15f00ab77a8857693fd

Headers

File Characteristics

Imports

advapi32

shlwapi

comdlg32

shell32

kernel32

ole32

setupapi

gdi32

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 86KB - Virtual size: 86KB

.reloc Size: 1024B - Virtual size: 132KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 86KB - Virtual size: 86KB

.reloc
Size: 1024B - Virtual size: 132KB