JaffaCakes118_73b5f3d1d62035df6a6ce6e019fde726

General

Target

JaffaCakes118_73b5f3d1d62035df6a6ce6e019fde726
Size

184KB
MD5

73b5f3d1d62035df6a6ce6e019fde726
SHA1

d6650d61877e51cb5e3fd080960a17e068c578e0
SHA256

19e2bae08d547849782f25e89992c03c39d8d0b0e2c310a5ea741b410c2a1120
SHA512

671839cbcf892b0aa19c6a2eab6576b2372ab0cc20650aba86ad857ff0f8054fceffa9891abdfbd0313a23f77cc7f00ce3a18f0a803981b4a0a1d5ab21c93c94
SSDEEP

3072:GdP0a1jUBuWgxNtvfKlUiUZtR7x0nWZnEHBGPNqKzdjkinashk/QQfRJ149G8rY4:YYNgBt16nWZn6uNqmdvk/JRJW9tY4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_73b5f3d1d62035df6a6ce6e019fde726

Files

JaffaCakes118_73b5f3d1d62035df6a6ce6e019fde726
.exe windows:4 windows x86 arch:x86

640db9e377f8c00d04d1f3299d35c866

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueA
RegQueryValueExA
RegEnumKeyExA
RegEnumKeyA
RegCloseKey

lz32

LZCopy
LZClose
LZOpenFileA

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

SetFileAttributesA
AddAtomW
Sleep
GetModuleFileNameW
CreateDirectoryA
GetTempPathA
GlobalLock
GetSystemTimeAsFileTime
VirtualAlloc
GetTempFileNameA
QueryPerformanceCounter
GetSystemTime
CopyFileA
DeviceIoControl
GetFileAttributesA
GlobalFree
lstrlenA
GetTickCount
DeleteFileA
GetVolumeInformationA
GetCurrentThreadId
CloseHandle
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
EnumResourceNamesA
ReleaseMutex
LocalFree
CreateFileA
CreateMutexA
LocalAlloc
CheckNameLegalDOS8Dot3W
GetVersionExA
WideCharToMultiByte
GlobalUnlock
ReadFile
WaitForSingleObject
InterlockedDecrement
SetFilePointer
GetLastError
GetCurrentProcessId
GetFileSize
MultiByteToWideChar
CreateFileW
GetModuleFileNameA
VirtualFree
DisableThreadLibraryCalls
FreeLibrary

Sections

.text
Size: 97KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

640db9e377f8c00d04d1f3299d35c866

Headers

File Characteristics

Imports

advapi32

lz32

setupapi

kernel32

Sections

.text Size: 97KB - Virtual size: 236KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 83KB - Virtual size: 83KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 97KB - Virtual size: 236KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 83KB - Virtual size: 83KB

.rsrc
Size: 512B - Virtual size: 4KB