JaffaCakes118_a42c18ffb0c8498155c2aadcb072c39c

General

Target

JaffaCakes118_a42c18ffb0c8498155c2aadcb072c39c
Size

169KB
MD5

a42c18ffb0c8498155c2aadcb072c39c
SHA1

3f35fbca35ee2b94e16b36e27b2aec4f668ab78c
SHA256

74eea929eddb500065246acf0287f270e6ec5da96605d5c20b063cf0ba1201e8
SHA512

97a98c02cd596779bce03921887e043ce6206cbce155f932bb9c99b387398a9c21f0f57836b0e4a7a4c501fd64432e220aca02ce927bd26d269aba9916911a8b
SSDEEP

3072:vASaBv/HCthEWNcBMBCRGT+oN5+eyuHZljVDIZJgqAmsoKrrkJ+jG73:vANN/sEWKCQMTGeRjZQJgLmoPkc2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_a42c18ffb0c8498155c2aadcb072c39c

Files

JaffaCakes118_a42c18ffb0c8498155c2aadcb072c39c
.exe windows:4 windows x86 arch:x86

2e3e11e59a868e95742ec3d71a8ce982

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Child
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

advapi32

RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
RegEnumKeyA
RegQueryValueA
RegDeleteKeyA
RegOpenKeyA
RegCloseKey

lz32

LZClose
LZCopy
LZOpenFileA

kernel32

WaitForSingleObject
CreateFileW
InterlockedDecrement
GetModuleFileNameW
AddAtomW
GetCurrentProcessId
SetFileAttributesA
GetSystemTimeAsFileTime
CreateMutexA
VirtualAlloc
CreateFileA
DeleteCriticalSection
VirtualFree
GetTickCount
DeviceIoControl
GetFileAttributesA
GetCurrentThreadId
GetTempFileNameA
LocalFree
GetVersionExA
GetLastError
lstrlenA
EnumResourceNamesA
ReleaseMutex
GetVolumeInformationA
CloseHandle
InitializeCriticalSection
ReadFile
LocalAlloc
InterlockedIncrement
WideCharToMultiByte
DisableThreadLibraryCalls
CreateDirectoryA
DeleteFileA
GlobalUnlock
QueryPerformanceCounter
GlobalLock
FindResourceA
SetFilePointer
Sleep
GetSystemTime
GetModuleFileNameA
CopyFileA
GetFileSize
MultiByteToWideChar
GlobalFree
GetTempPathA
FreeLibrary

Sections

.text
Size: 92KB - Virtual size: 484KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e3e11e59a868e95742ec3d71a8ce982

Headers

File Characteristics

Imports

setupapi

advapi32

lz32

kernel32

Sections

.text Size: 92KB - Virtual size: 484KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 73KB - Virtual size: 72KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 92KB - Virtual size: 484KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 73KB - Virtual size: 72KB

.rsrc
Size: 512B - Virtual size: 4KB