JaffaCakes118_3f42737f1251688be21161e5c3257552

General

Target

JaffaCakes118_3f42737f1251688be21161e5c3257552
Size

189KB
MD5

3f42737f1251688be21161e5c3257552
SHA1

4882cf826953c6aa1f3bf01119bb7a498ec662b9
SHA256

295db97f63e0989f1702f576242b601950c26fe0d40c21571102bd22b2cf9b3c
SHA512

cd453396acd576136b75d30cb027721abebf2d7721d23b92f043362490633792b4b6eb62b1082c94b388343c8f4f8c3a07f376e2c01543c2874b7c67db7cc8d2
SSDEEP

3072:ZdwTJAxGf89jWR+9j+ur6jIuSMx4GdXM+msPEErSiMjULpKFXeylX1/yKhJAKulh:gTJAxw81WAXuneGFM/sMEeH8pK5NVyKM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_3f42737f1251688be21161e5c3257552

Files

JaffaCakes118_3f42737f1251688be21161e5c3257552
.exe windows:4 windows x86 arch:x86

9623fe43c605ccc62c06d353efca844d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GlobalAddAtomW
GetDriveTypeW
LoadResource
GetSystemTimeAsFileTime
LoadLibraryExW
FindClose
CreateDirectoryW
ExitProcess
GetCurrentProcessId
OutputDebugStringW
OpenThread
CreateFileW
ReleaseMutex
GetModuleHandleA
SetPriorityClass
LeaveCriticalSection
GetExitCodeThread
ResumeThread
EnumResourceLanguagesA
DeviceIoControl
GetFileAttributesW
DeleteFileW
SetThreadPriority
CopyFileW
FindFirstFileW
LoadModule
EnterCriticalSection
GetTickCount
GetProcAddress
GetStartupInfoW
FindNextFileW
QueryPerformanceCounter
GetCommandLineW
FindResourceW

advapi32

OpenThreadToken
ControlService
ReportEventW
CloseServiceHandle
DeregisterEventSource
OpenSCManagerW
RegEnumKeyExW
RegisterEventSourceW
SetServiceStatus
DeleteService
OpenServiceW
OpenProcessToken
CreateServiceW

ole32

CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoRevokeClassObject
CoInitialize
CoTaskMemRealloc
CoRegisterClassObject
CoUninitialize
CoCreateInstance
CoInitializeSecurity

setupapi

CM_Get_Sibling
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 93KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9623fe43c605ccc62c06d353efca844d

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

setupapi

Sections

.text Size: 93KB - Virtual size: 233KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 92KB - Virtual size: 91KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 93KB - Virtual size: 233KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 92KB - Virtual size: 91KB

.rsrc
Size: 512B - Virtual size: 4KB