JaffaCakes118_f4a299dee043b761ebda36a5d846b116

General

Target

JaffaCakes118_f4a299dee043b761ebda36a5d846b116
Size

174KB
MD5

f4a299dee043b761ebda36a5d846b116
SHA1

093201cf450cd84edbc1795ae2e10fdeadc4be8d
SHA256

1bd0f6b56b2962c533b700d93d47fd9d6d320068a422be7880b24b0c09eb2e10
SHA512

50e5fa0a1d3fdc1f44a1261b08c88cf61b40aa2f1a91461839f91f6bc87559957bb7c94e11f5f2cdf910b5f9f50774bb899359f0cf213e7591648266a9b06b03
SSDEEP

3072:N86UNmwtv6jXf0N8CeVKaQhcoh/HpDtVqECw6xjgVLLXbUPj4WZ4P2PdQLD/DbQo:ys0CzbRVX0c0/Hpb6wdVLHOf4P2PdKlj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_f4a299dee043b761ebda36a5d846b116

Files

JaffaCakes118_f4a299dee043b761ebda36a5d846b116
.exe windows:4 windows x86 arch:x86

5a71c9784ec8d0a606c9e81b67f5a4da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyA
RegCloseKey

setupapi

CM_Get_Child
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

DisableThreadLibraryCalls
AddAtomW
GetModuleFileNameA
SetFileAttributesA
GetVolumeInformationA
GetCurrentThreadId
QueryPerformanceCounter
SetFilePointer
GetVersionExA
GetCurrentProcessId
CloseHandle
InterlockedDecrement
GetTempFileNameA
GetSystemTimeAsFileTime
GetTickCount
WideCharToMultiByte
CreateMutexA
CreateFileW
GlobalUnlock
LocalFree
CreateFileA
MultiByteToWideChar
ReadFile
GetSystemTime
EnumResourceNamesA
CopyFileA
InterlockedIncrement
GlobalFree
GetFileAttributesA
VirtualFree
GetFileSize
CreateDirectoryA
FindResourceA
WaitForSingleObject
DeleteCriticalSection
Sleep
InitializeCriticalSection
ReleaseMutex
GetTempPathA
lstrlenA
LocalAlloc
DeviceIoControl
GlobalLock
DeleteFileA
VirtualAlloc
GetLastError
GetModuleFileNameW
FreeLibrary

lz32

LZClose
LZCopy
LZOpenFileA

Sections

.text
Size: 96KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a71c9784ec8d0a606c9e81b67f5a4da

Headers

File Characteristics

Imports

advapi32

setupapi

kernel32

lz32

Sections

.text Size: 96KB - Virtual size: 239KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 75KB - Virtual size: 74KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 96KB - Virtual size: 239KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 75KB - Virtual size: 74KB

.rsrc
Size: 512B - Virtual size: 4KB