JaffaCakes118_130316493f9a630eed3ac7ed6534b657

General

Target

JaffaCakes118_130316493f9a630eed3ac7ed6534b657
Size

169KB
MD5

130316493f9a630eed3ac7ed6534b657
SHA1

8e3d5f0eae127ad0b00b9f9756126f3a7ade386e
SHA256

07ae455cae1666397054b75d5e2a777e185b3bb33d09b5e43cd667771f17b498
SHA512

a6e3bff040f233c356b9b5baf50b3c2e5200356ec364abf736a6127b82f6f535c03ff43f5c902806e19cc65053bd86ee118661fbb84b3e951e4108f7a9c2ce13
SSDEEP

3072:cej0i1xJ06uumtxpQiF0mAcr5sAPCMGNzvsOtkO5TFLgLwg9fO0TmBro8hh8LxPa:WixJ0jVzQiamfr5soGhsjb9fqrrQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_130316493f9a630eed3ac7ed6534b657

Files

JaffaCakes118_130316493f9a630eed3ac7ed6534b657
.exe windows:4 windows x86 arch:x86

6a484de6e1b392a7aa1a0bf2b388a7c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

LZCopy
LZClose
LZOpenFileA

advapi32

RegEnumKeyA
RegOpenKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyExA
RegDeleteKeyA
RegQueryValueExA
RegCloseKey

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

IsBadReadPtr
VirtualProtect
CreateFileA
AddAtomW
GetLocaleInfoA
GetCurrentProcess
IsBadCodePtr
GetStringTypeW
LCMapStringW
UnhandledExceptionFilter
GetOEMCP
GetEnvironmentStrings
SetStdHandle
SetHandleCount
GetStringTypeA
ReadFile
GetFileType
GetThreadLocale
WideCharToMultiByte
GetFileAttributesA
WriteFile
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
EnumResourceNamesA
TerminateProcess
TlsGetValue
WriteFileGather
GetFullPathNameA
TlsSetValue
GetStartupInfoA
FindFirstFileA
FreeEnvironmentStringsA
GetStdHandle
GetCPInfo
GetEnvironmentStringsW
GetACP
LCMapStringA
FlushFileBuffers
HeapSize
GetModuleFileNameA
SetFilePointer
GetVersionExA
GetDiskFreeSpaceA

Sections

.text
Size: 93KB - Virtual size: 484KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a484de6e1b392a7aa1a0bf2b388a7c0

Headers

File Characteristics

Imports

lz32

advapi32

setupapi

kernel32

Sections

.text Size: 93KB - Virtual size: 484KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 72KB - Virtual size: 72KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 93KB - Virtual size: 484KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 72KB - Virtual size: 72KB

.rsrc
Size: 512B - Virtual size: 4KB