JaffaCakes118_cd16647c660c148cce43e3533cf7b13b

General

Target

JaffaCakes118_cd16647c660c148cce43e3533cf7b13b
Size

97KB
MD5

cd16647c660c148cce43e3533cf7b13b
SHA1

94762b905fb36b7c51e5f6e044d36ed1f64ef9e5
SHA256

9d3c3296d6667c63b65e608003036982a98ade799c453d8261b209cb6020bd4b
SHA512

9440e1804b1a556ed894b9a10b1de91eb23d64ed3d15e299b14e6df433a6fc39677d34d838012466e1cdd3ea7504be3d707a119dfd95a32a5a177ecaf7089b42
SSDEEP

1536:hv2ayNFPt12xuVrfoTzTF9XJ0gW1uTu1nUWmo0GudXOpGMphSH3W0:FYNlPkTFEgW1uTuOWp0GuFOpG5Xh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_cd16647c660c148cce43e3533cf7b13b

Files

JaffaCakes118_cd16647c660c148cce43e3533cf7b13b
.exe windows:4 windows x86 arch:x86

786fc42be9cd8580a2c69d132111a6e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

LZCopy
LZClose
LZOpenFileA

kernel32

Sleep
GetModuleFileNameW
GetFileAttributesA
AddAtomA
WaitForSingleObject
SetFileAttributesA
DeleteFileA
CloseHandle
GetSystemTime
DeviceIoControl
GlobalFree
LocalAlloc
ReadFile
GlobalLock
GetVolumeInformationA
GetModuleFileNameA
InterlockedDecrement
CreateDirectoryA
CreateFileW
MultiByteToWideChar
InterlockedIncrement
EnumResourceNamesW
SetFilePointer
InitializeCriticalSection
WideCharToMultiByte
GetCurrentThreadId
GetLastError
LocalFree
VirtualAlloc
DisableThreadLibraryCalls
GetVersionExA
CreateFileA
lstrlenA
GetTickCount
VirtualFree
CreateMutexA
GlobalUnlock
CheckNameLegalDOS8Dot3W
QueryPerformanceCounter
GetCurrentProcessId
GetTempPathA
CopyFileA
DeleteCriticalSection
GetFileSize
ReleaseMutex
GetSystemTimeAsFileTime
GetTempFileNameA
FreeLibrary

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

786fc42be9cd8580a2c69d132111a6e3

Headers

File Characteristics

Imports

lz32

kernel32

setupapi

Sections

.text Size: 54KB - Virtual size: 53KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 39KB - Virtual size: 39KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 54KB - Virtual size: 53KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 39KB - Virtual size: 39KB

.rsrc
Size: 512B - Virtual size: 4KB