JaffaCakes118_e8ce78fbf72f719859653de68bdd9ee4

General

Target

JaffaCakes118_e8ce78fbf72f719859653de68bdd9ee4
Size

182KB
MD5

e8ce78fbf72f719859653de68bdd9ee4
SHA1

7aeeadf7aa5d616d732761e593db5af80870aa44
SHA256

4cab39203c8fef4911799a9e0621132345a7f74a10295a038c20dba25350feae
SHA512

78e58f5f2236d0bccf52a08f9968652f6d40ffac1780944d13668a7b9a54dc897ea814a3c4090cffa375ba4040227a87808f09bb2b9a143cc282b6ec588a7fdf
SSDEEP

3072:W4HDrOxlHz0KOxxVjzw4I/Z9WNSiBlgB5lnTkjIyZPU0AyIoGhzgxc4svTSZ9S05:7OzkF/w4YWNZs514EIDIz/4sWq07rB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_e8ce78fbf72f719859653de68bdd9ee4

Files

JaffaCakes118_e8ce78fbf72f719859653de68bdd9ee4
.exe windows:4 windows x86 arch:x86

6c0ecd212b318fd233933196742912b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameW
GetSystemTimeAsFileTime
lstrlenW
IsBadWritePtr
CloseHandle
GetModuleHandleA
InterlockedDecrement
LeaveCriticalSection
GetACP
lstrlenA
GetProcessTimes
DeleteCriticalSection
MultiByteToWideChar
GetLocaleInfoA
InterlockedIncrement
WideCharToMultiByte
UnhandledExceptionFilter
IsDebuggerPresent
GetCurrentProcessId
GetCurrentThreadId
CreateFileA
SetUnhandledExceptionFilter
EnumResourceTypesA
GetTickCount
GetFileAttributesA
GetProcAddress
LoadLibraryA
EnterCriticalSection
GetThreadLocale
LocalFree
InitializeCriticalSection
QueryPerformanceCounter
GetLastError
ExitProcess
FreeLibrary
IsBadReadPtr
InterlockedExchange
GetVersionExA

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA

ole32

StgCreateDocfile
StgOpenStorage

user32

wsprintfA
wsprintfW

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c0ecd212b318fd233933196742912b1

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

user32

setupapi

shell32

Sections

.text Size: 105KB - Virtual size: 104KB

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: 73KB - Virtual size: 73KB

.edata Size: 1024B - Virtual size: 368KB

.text
Size: 105KB - Virtual size: 104KB

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: 73KB - Virtual size: 73KB

.edata
Size: 1024B - Virtual size: 368KB