JaffaCakes118_4008f4f3810188a013bc425004808039

General

Target

JaffaCakes118_4008f4f3810188a013bc425004808039
Size

167KB
MD5

4008f4f3810188a013bc425004808039
SHA1

93cf825120c3fa2305e3484c49f5f08012883699
SHA256

8147df2fb843f18b271e199e72b6908f5f7db335c72a04273ae4a2a258b43ae6
SHA512

532e7dc63028efef5af529fb8a6459dbbb02d71607a3a28c266fcc186c9ac589f705cdc80481ebb769d221ff8c648eee03b8bfed09575e8d146f7100bd506bcb
SSDEEP

3072:0r+0e/pT0ugb6PnCTeH/bURP87Gu6S5Ir7K3GFb/lTCJU5BAN1xhvO+S1R:0WTgb6PCTef4J87Gud5GFb/lCJUXAN1U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_4008f4f3810188a013bc425004808039

Files

JaffaCakes118_4008f4f3810188a013bc425004808039
.exe windows:4 windows x86 arch:x86

24cefd393611ea46ec6ef6af3847be38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteKeyA
RegQueryValueExA
RegEnumKeyA
RegOpenKeyExA
RegOpenKeyA
RegEnumKeyExA
RegQueryValueA
RegCloseKey

kernel32

SetFilePointer
GetStdHandle
AddAtomW
SetUnhandledExceptionFilter
WriteFile
GetOEMCP
GetCPInfo
ReadFile
GetStartupInfoA
GetVersionExA
SetStdHandle
GetEnvironmentStrings
GetThreadLocale
CreateFileA
GetFileAttributesA
FreeEnvironmentStringsW
GetFileType
GetFullPathNameA
GetModuleFileNameA
EnumResourceNamesA
GetStringTypeA
VirtualProtect
LCMapStringW
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsA
FindFirstFileA
IsBadReadPtr
GetLocaleInfoA
SetHandleCount
LCMapStringA
FlushFileBuffers
WriteFileGather
UnhandledExceptionFilter
TerminateProcess
HeapSize
GetStringTypeW
IsBadCodePtr
TlsSetValue
GetCurrentProcess
GetACP
TlsGetValue
GetDiskFreeSpaceA

lz32

LZCopy
LZClose
LZOpenFileA

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 85KB - Virtual size: 481KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24cefd393611ea46ec6ef6af3847be38

Headers

File Characteristics

Imports

advapi32

kernel32

lz32

setupapi

Sections

.text Size: 85KB - Virtual size: 481KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 78KB - Virtual size: 78KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 85KB - Virtual size: 481KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 78KB - Virtual size: 78KB

.rsrc
Size: 512B - Virtual size: 4KB