JaffaCakes118_4a762d202e32f366c77523604120df7b

General

Target

JaffaCakes118_4a762d202e32f366c77523604120df7b
Size

178KB
MD5

4a762d202e32f366c77523604120df7b
SHA1

6ed198914478446eee2053a6ff92bb225e101a55
SHA256

6ea4f3e71b83f6c6dcaf84b8d628ffe51c83ed17b66bea2807bae60bc08cb630
SHA512

204d5eb249cb97d7cb3095b289f55e13496db05d22d22ccda3ee661ab14757f0adb9ad67cba2250c3cf480f6c78a43a8992fbb83964d1d8583e2b0041a45c231
SSDEEP

3072:6RVdPpjP1C8U8lGx/I1nMqcCS3Je2EtniT922oQVFqxgDMlCY:kZpJDd0X33SiT922oWYxgD4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_4a762d202e32f366c77523604120df7b

Files

JaffaCakes118_4a762d202e32f366c77523604120df7b
.exe windows:4 windows x86 arch:x86

054e2ae4ddebbc10d4c3296f766c9e06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgCreateDocfile
StgOpenStorage

user32

wsprintfA
wsprintfW

shell32

SHGetSpecialFolderPathA

kernel32

QueryPerformanceCounter
GetShortPathNameA
WideCharToMultiByte
GetSystemTimeAsFileTime
EnterCriticalSection
GetTickCount
GetModuleHandleA
IsBadReadPtr
CloseHandle
ExitProcess
SetUnhandledExceptionFilter
lstrlenW
MultiByteToWideChar
DeleteCriticalSection
GetProcessHandleCount
InterlockedDecrement
EnumResourceTypesA
CreateFileA
InitializeCriticalSection
UnhandledExceptionFilter
GetCurrentProcessId
LocalFree
GetLastError
FreeLibrary
GetThreadLocale
GetCurrentThreadId
InterlockedExchange
GetACP
IsDebuggerPresent
GetFileAttributesA
LeaveCriticalSection
lstrlenA
GetLocaleInfoA
IsBadWritePtr
LoadLibraryA
GetProcAddress
InterlockedIncrement
GetVersionExA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

advapi32

RegQueryValueExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

054e2ae4ddebbc10d4c3296f766c9e06

Headers

File Characteristics

Imports

ole32

user32

shell32

kernel32

setupapi

advapi32

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: 71KB - Virtual size: 71KB

.edata Size: 1024B - Virtual size: 248KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: 71KB - Virtual size: 71KB

.edata
Size: 1024B - Virtual size: 248KB