JaffaCakes118_6a644eae0b126e463cb2bc9073c6e65d

General

Target

JaffaCakes118_6a644eae0b126e463cb2bc9073c6e65d
Size

190KB
MD5

6a644eae0b126e463cb2bc9073c6e65d
SHA1

fbdad709780daff80eda4b366f8c11aed106eaea
SHA256

a612deba068d9ace26485c230da9e96d5fca0eec59adb905b4bf6f005c49bb5f
SHA512

8e612444fdb5ebbdbe45872817150a6398909e61d01314ec2ed3c1fd78dd1f5bf2963c6d691a3f90630b7c05667213e69c430d9338dc2e3bc443fd7847ff241c
SSDEEP

3072:7OMBdOLmzQRSnw9DA5pDmwxKrZ8xWlNIFUHlKEUVsHDzh9IQQWJ/ySDm67:7OMBsmzQRkw9DSmR8wlNImHobVRxE/y2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_6a644eae0b126e463cb2bc9073c6e65d

Files

JaffaCakes118_6a644eae0b126e463cb2bc9073c6e65d
.exe windows:4 windows x86 arch:x86

c6dcfa51e1230d2f688600d6fbb92464

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

shell32

SHGetSpecialFolderPathA

user32

wsprintfA
wsprintfW

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA

ole32

StgCreateDocfile
StgOpenStorage

kernel32

InitializeCriticalSection
CreateFileA
GetShortPathNameW
GetLastError
UnhandledExceptionFilter
lstrlenA
WideCharToMultiByte
InterlockedDecrement
GetCurrentProcessId
MultiByteToWideChar
LocalFree
GetProcessTimes
FreeLibrary
LeaveCriticalSection
lstrlenW
IsBadReadPtr
GetACP
EnumResourceTypesA
GetLocaleInfoA
IsDebuggerPresent
GetCurrentThreadId
GetSystemTimeAsFileTime
GetThreadLocale
GetFileAttributesA
InterlockedExchange
GetProcAddress
GetModuleHandleA
GetTickCount
ExitProcess
LoadLibraryA
EnterCriticalSection
IsBadWritePtr
CloseHandle
QueryPerformanceCounter
DeleteCriticalSection
InterlockedIncrement
SetUnhandledExceptionFilter
GetVersionExA

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6dcfa51e1230d2f688600d6fbb92464

Headers

File Characteristics

Imports

setupapi

shell32

user32

advapi32

ole32

kernel32

Sections

.text Size: 110KB - Virtual size: 110KB

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: 75KB - Virtual size: 75KB

.edata Size: 1024B - Virtual size: 116KB

.text
Size: 110KB - Virtual size: 110KB

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: 75KB - Virtual size: 75KB

.edata
Size: 1024B - Virtual size: 116KB