JaffaCakes118_4bdaec4dacec66581977ace5a21aea7a

General

Target

JaffaCakes118_4bdaec4dacec66581977ace5a21aea7a
Size

185KB
MD5

4bdaec4dacec66581977ace5a21aea7a
SHA1

562f5dd4cc827ff762e5e4aca17ceb255d54cb57
SHA256

7306f0dc2b9d6bc4e9a2875c3eb0a7d31b64bd5b1aa28e00f238884615d87d93
SHA512

c2c1a1c480a2e663fd9fea9ec9a2f50674667d0528609d1892c04691272edc245a1be7d7cf43b388e59fa7fb250ee391f3b1007827989fdc69f9d997917e6339
SSDEEP

3072:cJTJRoRjCk+OlS7h9pYt7K0gl3rV5vNyU8Hfe7qYoxFS/R2/0pcQPny:iTJmk88+Ro7PlH8/wqYoS/oqcQPn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_4bdaec4dacec66581977ace5a21aea7a

Files

JaffaCakes118_4bdaec4dacec66581977ace5a21aea7a
.exe windows:4 windows x86 arch:x86

d31a0b110ee43b3a211aa4d3ac481e9c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

OpenServiceW
OpenThreadToken
RegisterEventSourceW
DeleteService
SetServiceStatus
CloseServiceHandle
RegEnumKeyExW
DeregisterEventSource
OpenSCManagerW
OpenProcessToken
ReportEventW
ControlService
CreateServiceW

setupapi

CM_Get_Sibling
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

ole32

CoCreateInstance
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CoTaskMemAlloc
StringFromGUID2
CoInitialize
CoInitializeSecurity

kernel32

GlobalAddAtomW
GetProcAddress
CreateDirectoryW
ReleaseMutex
ExitProcess
GetCurrentProcessId
FindFirstFileW
SetThreadPriority
SetPriorityClass
GetDriveTypeW
GetSystemTimeAsFileTime
GetStartupInfoW
LoadLibraryExW
CopyFileW
LoadResource
EnterCriticalSection
OutputDebugStringW
DeleteFileW
EnumResourceLanguagesA
OpenThread
GetModuleHandleA
ResumeThread
GetExitCodeThread
GetCommandLineW
LoadModule
GetFileAttributesW
GetTickCount
CreateFileW
FindNextFileW
DeviceIoControl
FindClose
LeaveCriticalSection
QueryPerformanceCounter
FindResourceW

Sections

.text
Size: 97KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d31a0b110ee43b3a211aa4d3ac481e9c

Headers

File Characteristics

Imports

advapi32

setupapi

ole32

kernel32

Sections

.text Size: 97KB - Virtual size: 237KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 84KB - Virtual size: 84KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 97KB - Virtual size: 237KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 84KB - Virtual size: 84KB

.rsrc
Size: 512B - Virtual size: 4KB