JaffaCakes118_962089c4b764c98aa2c3384c9cb28bfa

General

Target

JaffaCakes118_962089c4b764c98aa2c3384c9cb28bfa
Size

172KB
MD5

962089c4b764c98aa2c3384c9cb28bfa
SHA1

2e0b45ac96682d69dfbeff9cbb82816ceb4a16a5
SHA256

1bd62edb6ad615df2c34da13ec1ac7eb99a34a6355f3b5469ad6701067fe8680
SHA512

6f26ecae62f6fad753dac56760e8f3ceeb779ade0b8e984628568eaff7fa207af60a31eac7a02e0f9bd6694e79a140a080ca7d282249f8a66d6a6bb937b94c0b
SSDEEP

3072:zNs8kq7jAJzgpGJ86VfsrVzthPOSzjbAak3vgZThr1gVXcgEtu+ESdL4BE:zNrPAxgpKVfsrpmSrAa8vKhr14XqMsdk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_962089c4b764c98aa2c3384c9cb28bfa

Files

JaffaCakes118_962089c4b764c98aa2c3384c9cb28bfa
.exe windows:4 windows x86 arch:x86

39192853abe05460e725c787cc97010a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

advapi32

RegQueryValueA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegEnumKeyA
RegOpenKeyA
RegCloseKey

kernel32

CopyFileA
DeviceIoControl
GlobalUnlock
GetSystemTime
AddAtomW
Sleep
GetTempFileNameA
MultiByteToWideChar
CloseHandle
GetCurrentThreadId
GetVersionExA
InterlockedDecrement
DeleteCriticalSection
CreateFileW
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
WideCharToMultiByte
GetVolumeInformationA
SetFileAttributesA
GetTickCount
GetModuleFileNameW
LocalFree
GetLastError
EnumResourceNamesA
GetModuleFileNameA
ReadFile
LocalAlloc
lstrlenA
GetFileSize
DeleteFileA
GetFileAttributesA
InitializeCriticalSection
SetFilePointer
GlobalFree
WaitForSingleObject
VirtualAlloc
CreateHardLinkW
GetTempPathA
VirtualFree
GlobalLock
InterlockedIncrement
GetCurrentProcessId
CreateDirectoryA
QueryPerformanceCounter
ReleaseMutex
CreateMutexA
CreateFileA
FreeLibrary

lz32

LZClose
LZCopy
LZOpenFileA

Sections

.text
Size: 89KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39192853abe05460e725c787cc97010a

Headers

File Characteristics

Imports

setupapi

advapi32

kernel32

lz32

Sections

.text Size: 89KB - Virtual size: 233KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 79KB - Virtual size: 79KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 89KB - Virtual size: 233KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 79KB - Virtual size: 79KB

.rsrc
Size: 512B - Virtual size: 4KB