JaffaCakes118_68c5654fddb74d05d8e0ad9aac003592

General

Target

JaffaCakes118_68c5654fddb74d05d8e0ad9aac003592
Size

185KB
MD5

68c5654fddb74d05d8e0ad9aac003592
SHA1

0045dfe6eea676201e629fab12a5b8775b6b39e2
SHA256

1300081e42078a7a6ee833d501322a567c59f53179ccb6b0a548b9b1f9b12cb5
SHA512

8b823e063c993c01d2226e877bf8b1127c35f3de1ec8b135e5fe5ed1b6ccfb27caf03008299e77a86ea6baed3b66ffe2278f02346d4eada5c7821554ee4dd779
SSDEEP

3072:UJofBTHGO+1QGKWR1GZDHUyL/lwORr2riIhWYLX7hr9O3PB++VR9LhgER:8jOcQGZUjUyL/YHLNx2B++VLL9R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_68c5654fddb74d05d8e0ad9aac003592

Files

JaffaCakes118_68c5654fddb74d05d8e0ad9aac003592
.exe windows:4 windows x86 arch:x86

c746f23b768e83443e401ac4f8f4f406

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

lz32

LZClose
LZCopy
LZOpenFileA

advapi32

RegQueryValueA
RegEnumKeyA
RegQueryValueExA
RegOpenKeyA
RegEnumKeyExA
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey

kernel32

TerminateProcess
GetVersionExA
IsBadReadPtr
ReadFile
UnhandledExceptionFilter
AddAtomW
TlsSetValue
CreateFileA
SetStdHandle
GetACP
IsBadCodePtr
WriteFile
FreeEnvironmentStringsA
GetStdHandle
GetStartupInfoA
WideCharToMultiByte
GetEnvironmentStringsW
FindFirstFileA
GetStringTypeW
EnumResourceNamesA
GetModuleFileNameA
GetCPInfo
GetCurrentProcess
LCMapStringW
LCMapStringA
SetHandleCount
HeapSize
GetFileType
GetStringTypeA
SetUnhandledExceptionFilter
TlsGetValue
GetThreadLocale
FreeEnvironmentStringsW
WriteFileGather
GetFileAttributesA
GetOEMCP
FlushFileBuffers
GetEnvironmentStrings
GetFullPathNameA
VirtualProtect
GetLocaleInfoA
SetFilePointer
GetDiskFreeSpaceA

Sections

.text
Size: 98KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c746f23b768e83443e401ac4f8f4f406

Headers

File Characteristics

Imports

setupapi

lz32

advapi32

kernel32

Sections

.text Size: 98KB - Virtual size: 241KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 84KB - Virtual size: 83KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 98KB - Virtual size: 241KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 84KB - Virtual size: 83KB

.rsrc
Size: 512B - Virtual size: 4KB