JaffaCakes118_94f779ece253d16527cfe0c19b38da44

General

Target

JaffaCakes118_94f779ece253d16527cfe0c19b38da44
Size

169KB
MD5

94f779ece253d16527cfe0c19b38da44
SHA1

37ac208a182607742bd30fd1928c6850dcbadd46
SHA256

19049d1449268f54ba0b168b2a34bf85e42ec9f348cca8c7f68d4ffae5c036d5
SHA512

e9c20ff322e38a8546fc9552c4fe494c8efea85e66f1038b70382050304beed28f94aad9eb29041170978d7bc262ed26d5374763a4b4f76b73474419f677de5c
SSDEEP

3072:zvb3LmAF9cNgIDhvLGtzBxx2u0mqBI1WGVovBzJ9MrkZMaC:3Ug6vLGPurzBI4tpF9Mv9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_94f779ece253d16527cfe0c19b38da44

Files

JaffaCakes118_94f779ece253d16527cfe0c19b38da44
.exe windows:4 windows x86 arch:x86

78a5f4f3fb9fe8aee214f262cd9c1167

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryW
LoadLibraryExA
GetFileType
GetModuleHandleA
WritePrivateProfileStringW
GetWindowsDirectoryA
GlobalAddAtomW
GetCurrentThreadId
WaitForSingleObject
GetCurrentProcess
QueryPerformanceCounter
GetProcessHeap
GetPrivateProfileSectionW
SetUnhandledExceptionFilter
GetCurrentProcessId
lstrlenA
GetModuleHandleW
LoadLibraryExW
FreeLibrary
GetCurrentDirectoryW
CompareStringW
CreateMutexW
LoadLibraryW
GetTickCount
HeapFree
InterlockedCompareExchange
EnumResourceLanguagesW
FindNextFileW
LocalFree
GetPrivateProfileIntW
ExpandEnvironmentStringsW
RtlUnwind
lstrcmpW
LoadModule
lstrcmpiW
GetProcAddress
GetPrivateProfileStringW
HeapAlloc
GetLastError
FindFirstFileW
FindClose
InterlockedExchange
CopyFileW
ReleaseMutex
GetVersionExW
GetSystemInfo
SetFileAttributesW
GetStartupInfoA
Sleep
WritePrivateProfileSectionW

iphlpapi

GetIpAddrTable

shlwapi

StrCmpNIA
StrStrA

newdev

UpdateDriverForPlugAndPlayDevicesW

shell32

SHGetFolderPathW

setupapi

CM_Get_Sibling
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 87KB - Virtual size: 486KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78a5f4f3fb9fe8aee214f262cd9c1167

Headers

File Characteristics

Imports

kernel32

iphlpapi

shlwapi

newdev

shell32

setupapi

Sections

.text Size: 87KB - Virtual size: 486KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 78KB - Virtual size: 78KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 87KB - Virtual size: 486KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 78KB - Virtual size: 78KB

.rsrc
Size: 512B - Virtual size: 4KB