JaffaCakes118_7266056e25fe8b7dbb52e5fbb0c22f67

General

Target

JaffaCakes118_7266056e25fe8b7dbb52e5fbb0c22f67
Size

169KB
MD5

7266056e25fe8b7dbb52e5fbb0c22f67
SHA1

7614c024f3476c1dccf37516f632fcc63653a1df
SHA256

1f49328e7a617685196b1495c6e650f5c86f26e66cf8f896ce45ddf4da5a6ff0
SHA512

554734d9ddef4594d4d1a7407d3a34484b91f5a0faa47e3f893eb7e3b0031434caf8f46c5a73bcb487608da8e9537a2560c15cc995f1d6b745a0090ecf21643b
SSDEEP

3072:fpPSxw5COty1PDRwNQsTFpOdy4MlFZjRWLlq3OE1/Mrr8NLc:fp0htTgQogs4MpRWYOE12r8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7266056e25fe8b7dbb52e5fbb0c22f67

Files

JaffaCakes118_7266056e25fe8b7dbb52e5fbb0c22f67
.exe windows:4 windows x86 arch:x86

0e21d8b10775ecb43c99ac140e0fab8b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

newdev

UpdateDriverForPlugAndPlayDevicesW

iphlpapi

GetIpAddrTable

kernel32

LeaveCriticalSection
LockResource
LoadLibraryW
FindResourceA
AddAtomW
GetCurrentProcessId
GetTickCount
GetSystemTime
GetCurrentThread
ReleaseSemaphore
MultiByteToWideChar
CreateSemaphoreA
HeapFree
DisableThreadLibraryCalls
EnterCriticalSection
InterlockedIncrement
ReleaseMutex
WideCharToMultiByte
GetModuleFileNameW
QueryPerformanceCounter
GetProcAddress
LoadLibraryA
EnumResourceLanguagesW
VirtualAlloc
GetSystemInfo
InterlockedDecrement
TerminateThread
IsBadWritePtr
FreeLibrary
GetCurrentThreadId
GetLastError
GetExitCodeThread
LoadResource
lstrlenA
CreateMutexA
ResetEvent
GlobalAlloc
GetGeoInfoW
IsBadReadPtr
SetThreadPriority
VirtualFree
GetModuleFileNameA
WaitForMultipleObjects
Sleep
CreateFileW
GetProcessHeap
GetThreadPriority
ExitProcess

setupapi

CM_Get_Sibling
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

shlwapi

StrCmpNIA
StrStrA

shell32

SHGetFolderPathW

Sections

.text
Size: 86KB - Virtual size: 485KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e21d8b10775ecb43c99ac140e0fab8b

Headers

File Characteristics

Imports

newdev

iphlpapi

kernel32

setupapi

shlwapi

shell32

Sections

.text Size: 86KB - Virtual size: 485KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 80KB - Virtual size: 79KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 86KB - Virtual size: 485KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 80KB - Virtual size: 79KB

.rsrc
Size: 512B - Virtual size: 4KB