JaffaCakes118_781b3f6a751cf14c00a2a4b5a9e6ff0b

General

Target

JaffaCakes118_781b3f6a751cf14c00a2a4b5a9e6ff0b
Size

170KB
MD5

781b3f6a751cf14c00a2a4b5a9e6ff0b
SHA1

24cf86d2faf39fa15abc8eb936b3b8ac85bc6816
SHA256

546ee55cffe8d0fb0c0e606fe8de9cb49a894b692a50e7daf6858318f5141db3
SHA512

4c7b3b9d2cdeec7cce61b42d66aa5463d565c547915bc5be907da63c6f4a5087ef02991f0ecc29a661a582e1208597e1a170c8c98dcec6fe7ad23220addad461
SSDEEP

3072:thYT1w9DMflW7lf3Hqtf6XO4Ya3f1uhlFIEaDetyHkFNHrhU4uB:thw1SDMNW5f3zLv1UIE9y0VTu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_781b3f6a751cf14c00a2a4b5a9e6ff0b

Files

JaffaCakes118_781b3f6a751cf14c00a2a4b5a9e6ff0b
.exe windows:4 windows x86 arch:x86

13859234045b0d833f09968f9dbfdfe8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FindAtomA
ExitProcess
GetTickCount
CreateDirectoryW
SetPriorityClass
CreateFileW
LoadLibraryExW
ResumeThread
GetStartupInfoW
SetThreadPriority
GetModuleHandleA
CopyFileW
DeviceIoControl
OpenThread
GetCommandLineW
EnumResourceLanguagesA
FindNextFileW
GetCurrentProcessId
ReleaseMutex
LoadResource
LoadModule
GetSystemTimeAsFileTime
GetExitCodeThread
QueryPerformanceCounter
EnterCriticalSection
GetProcAddress
FindClose
DeleteFileW
LeaveCriticalSection
OutputDebugStringW
FindFirstFileW
GetDriveTypeW
GetFileAttributesW
FindResourceW

advapi32

CloseServiceHandle
DeleteService
DeregisterEventSource
ReportEventW
RegEnumKeyExW
OpenSCManagerW
RegisterEventSourceW
OpenProcessToken
ControlService
OpenThreadToken
SetServiceStatus
OpenServiceW
CreateServiceW

ole32

CoTaskMemAlloc
CoRegisterClassObject
CoTaskMemRealloc
CoCreateInstance
CoUninitialize
CoRevokeClassObject
StringFromGUID2
CoInitialize
CoTaskMemFree
CoInitializeSecurity

setupapi

CM_Get_Sibling
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 89KB - Virtual size: 485KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13859234045b0d833f09968f9dbfdfe8

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

setupapi

Sections

.text Size: 89KB - Virtual size: 485KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 77KB - Virtual size: 76KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 89KB - Virtual size: 485KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 77KB - Virtual size: 76KB

.rsrc
Size: 512B - Virtual size: 4KB