JaffaCakes118_285a0fe5693190534f8428ee7adbf367

General

Target

JaffaCakes118_285a0fe5693190534f8428ee7adbf367
Size

184KB
MD5

285a0fe5693190534f8428ee7adbf367
SHA1

aaa02d70c669eef1142e57d95aa225f0e7804631
SHA256

2c404d422aef34d43a9314a81774169de410805bdf4f0bbcceacc99a3428cec4
SHA512

70f987598a509d07f7e2f034c56075df932acf84ab0a43069f4c341fa778608459c4fbf362ff0365ab946a714e0d15dd8e9412fd8274fb0de1dd74194c2259b2
SSDEEP

3072:wBZ5p2ZbLhatS+lk54YpeJtRRAoClwireGMFwisq46gZl8BXDIGYOQhaSC3urTZ:wBDp2ZbLc8+IpeJtfAoCNMFwisq46Ql3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_285a0fe5693190534f8428ee7adbf367

Files

JaffaCakes118_285a0fe5693190534f8428ee7adbf367
.exe windows:4 windows x86 arch:x86

370cd38e591d27a886ae9d3508d8035d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

lz32

LZClose
LZCopy
LZOpenFileA

advapi32

RegQueryValueA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegEnumKeyA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

kernel32

GlobalLock
GetFileSize
GlobalUnlock
AddAtomW
InterlockedDecrement
GetTickCount
ReadFile
CreateFileW
DeviceIoControl
ReleaseMutex
QueryPerformanceCounter
WaitForSingleObject
DeleteCriticalSection
GetVolumeInformationA
CloseHandle
GetCurrentProcessId
VirtualFree
LocalAlloc
CopyFileA
SetFileAttributesA
InterlockedIncrement
GetTempPathA
DisableThreadLibraryCalls
Sleep
CreateMutexA
SetFilePointer
LocalFree
EnumResourceNamesA
GetFileAttributesA
CheckNameLegalDOS8Dot3W
GetLastError
VirtualAlloc
GetTempFileNameA
GetModuleFileNameA
GetSystemTime
GetCurrentThreadId
GlobalFree
CreateFileA
MultiByteToWideChar
WideCharToMultiByte
GetSystemTimeAsFileTime
InitializeCriticalSection
GetVersionExA
GetModuleFileNameW
DeleteFileA
CreateDirectoryA
lstrlenA
FreeLibrary

Sections

.text
Size: 97KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

370cd38e591d27a886ae9d3508d8035d

Headers

File Characteristics

Imports

setupapi

lz32

advapi32

kernel32

Sections

.text Size: 97KB - Virtual size: 237KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 83KB - Virtual size: 82KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 97KB - Virtual size: 237KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 83KB - Virtual size: 82KB

.rsrc
Size: 512B - Virtual size: 4KB