JaffaCakes118_410b528e8ce9008cf8a6fad5ae71f3fe

General

Target

JaffaCakes118_410b528e8ce9008cf8a6fad5ae71f3fe
Size

168KB
MD5

410b528e8ce9008cf8a6fad5ae71f3fe
SHA1

a6fa111bddf7df8e3b0b093378abc21fe833cfa6
SHA256

1127874ba9872cb22bbd4d5105c832fcf3901ba32a1d1529f71f1efb4f7a591c
SHA512

7aebb2cfb063d89abcdeddf092222c48198d2f0b7b09a011c732d6bd2239068843919437668471973c0c7a41c3d916ad8f2a58c6ef01601bd145e36bbc311039
SSDEEP

3072:U79CNiHrYE3V5Fyosw7DZl4Y8Ho5VQ+aokajZ0ZoXWjT:U79CsHrrPswPAY8SebokajuZom

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_410b528e8ce9008cf8a6fad5ae71f3fe

Files

JaffaCakes118_410b528e8ce9008cf8a6fad5ae71f3fe
.exe windows:4 windows x86 arch:x86

ac9f85dc11fafb8e70aacfdc894f2d65

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempFileNameA
GetSystemTime
GetModuleFileNameA
GetTempPathA
AddAtomW
CloseHandle
DeviceIoControl
InterlockedIncrement
CreateDirectoryA
DisableThreadLibraryCalls
ReadFile
CreateFileW
GetFileAttributesA
InitializeCriticalSection
GetTickCount
GetCurrentProcessId
LocalFree
QueryPerformanceCounter
DeleteCriticalSection
VirtualFree
SetFilePointer
CreateMutexA
VirtualAlloc
EnumResourceNamesA
GetModuleFileNameW
GetVolumeInformationA
CreateFileA
GlobalLock
DeleteFileA
lstrlenA
InterlockedDecrement
CheckNameLegalDOS8Dot3W
WideCharToMultiByte
GetLastError
GetVersionExA
GetCurrentThreadId
CopyFileA
SetFileAttributesA
GlobalFree
GlobalUnlock
Sleep
ReleaseMutex
GetFileSize
LocalAlloc
MultiByteToWideChar
GetSystemTimeAsFileTime
WaitForSingleObject
FreeLibrary

lz32

LZCopy
LZClose
LZOpenFileA

advapi32

RegOpenKeyA
RegEnumKeyA
RegQueryValueA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegQueryValueExA
RegCloseKey

setupapi

CM_Get_Child
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

Sections

.text
Size: 91KB - Virtual size: 486KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac9f85dc11fafb8e70aacfdc894f2d65

Headers

File Characteristics

Imports

kernel32

lz32

advapi32

setupapi

Sections

.text Size: 91KB - Virtual size: 486KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 74KB - Virtual size: 73KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 91KB - Virtual size: 486KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 74KB - Virtual size: 73KB

.rsrc
Size: 512B - Virtual size: 4KB