JaffaCakes118_a3304f42339688b328f0641077589bcf

General

Target

JaffaCakes118_a3304f42339688b328f0641077589bcf
Size

278KB
MD5

a3304f42339688b328f0641077589bcf
SHA1

a65aa4a375a22a48bdf2dfc940d8645124085a09
SHA256

1307c3a8d65bab0630a974855211f624bc477b7a7f52b57c43d377f3a0a767a0
SHA512

6318400167c7a01e948f4861a3e3420b189b5292d534662b01bec0946bd8852f78a3adc535d52776ce6b186fc3fcef426daf94f94772e73198f40c094860d439
SSDEEP

6144:2C40ZcI/3rU4usmF0Q0X6TyJ9CAudGKTZ6v5SCGlO0QWTt:1406iVuss0Q0X6TySAqTZ6pjI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_a3304f42339688b328f0641077589bcf

Files

JaffaCakes118_a3304f42339688b328f0641077589bcf
.exe windows:4 windows x86 arch:x86

cb8a83ff6a6482f1f5a2fe2af633d57b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

LZCopy
LZClose
LZOpenFileA

kernel32

GetVersionExA
InterlockedIncrement
DeleteFileA
GetTickCount
Sleep
WideCharToMultiByte
AddAtomA
InitializeCriticalSection
WaitForSingleObject
GetVolumeInformationA
GetFileSize
GetTempFileNameA
MultiByteToWideChar
LocalAlloc
GlobalUnlock
GetModuleFileNameA
lstrlenA
SetFilePointer
VirtualFree
CreateFileW
GetSystemTimeAsFileTime
CreateDirectoryA
CopyFileA
GlobalFree
GetModuleFileNameW
CreateFileA
GetLastError
EnumResourceNamesW
GetFileAttributesA
GlobalLock
QueryPerformanceCounter
DeviceIoControl
DeleteCriticalSection
CloseHandle
SetFileAttributesA
LocalFree
DisableThreadLibraryCalls
CheckNameLegalDOS8Dot3W
GetCurrentProcessId
GetCurrentThreadId
CreateMutexA
InterlockedDecrement
VirtualAlloc
ReleaseMutex
GetTempPathA
GetSystemTime
ReadFile
FreeLibrary

setupapi

CM_Get_Child
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 149KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb8a83ff6a6482f1f5a2fe2af633d57b

Headers

File Characteristics

Imports

lz32

kernel32

setupapi

Sections

.text Size: 149KB - Virtual size: 281KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 125KB - Virtual size: 125KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 149KB - Virtual size: 281KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 125KB - Virtual size: 125KB

.rsrc
Size: 512B - Virtual size: 4KB