JaffaCakes118_370c4e9fb5d9cc81fb90606f89ce69d2

General

Target

JaffaCakes118_370c4e9fb5d9cc81fb90606f89ce69d2
Size

170KB
MD5

370c4e9fb5d9cc81fb90606f89ce69d2
SHA1

4736ccb37749a4ae3706fc97e43c5e6d3107c288
SHA256

9574097d7ecbe7c06ea8303500c9aee662756dbe4011b1daba9020a09b62020f
SHA512

6d2de3cedc5eb25d83972a0887ca646cbc60a7a2b6faa8c1046cf2d8afacf8f0d9ec346d3b5c4aeffec9420d8de509e8718c1ceb7f7883826b078ae47525d1ae
SSDEEP

3072:gKmdRkOtj+fhSgb8clWnmhaLi6FrdKCm7XRepDB4f+Wir+c0bNa:gK0JyfhBitRECIXYP4GWiic

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_370c4e9fb5d9cc81fb90606f89ce69d2

Files

JaffaCakes118_370c4e9fb5d9cc81fb90606f89ce69d2
.exe windows:4 windows x86 arch:x86

ac4bde2e4dd2bd50afbbd1b3bd6dfcc6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
SetEvent
GetExitCodeProcess
CreateThread
CreateProcessW
AddAtomW
GetTempPathW
GetVersionExW
GetSystemTime
GetSystemDirectoryW
GetCurrentThreadId
CreateFileMappingA
LocalAlloc
GetModuleHandleW
GetFileAttributesW
WaitForSingleObject
MoveFileExW
CreateEventA
SetFileAttributesW
GetCommandLineA
EnumResourceNamesA
ResetEvent
LoadLibraryExW
FileTimeToLocalFileTime
CreateFileW
WriteConsoleW
CreateWaitableTimerA
ReadFileScatter
UnmapViewOfFile
FileTimeToSystemTime
CopyFileW
CloseHandle
MapViewOfFile
DeleteFileW
CreateDirectoryW
GetEnvironmentVariableW
CreateFileA

advapi32

RegQueryValueExA
RegQueryValueA
RegOpenKeyExA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyExA
RegEnumKeyA
RegCloseKey

lz32

LZCopy
LZClose
LZOpenFileA

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 94KB - Virtual size: 489KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac4bde2e4dd2bd50afbbd1b3bd6dfcc6

Headers

File Characteristics

Imports

kernel32

advapi32

lz32

setupapi

Sections

.text Size: 94KB - Virtual size: 489KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 73KB - Virtual size: 73KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 94KB - Virtual size: 489KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 73KB - Virtual size: 73KB

.rsrc
Size: 512B - Virtual size: 4KB