JaffaCakes118_a6502c0a524bb780b5a3d8387c6a0a76

General

Target

JaffaCakes118_a6502c0a524bb780b5a3d8387c6a0a76
Size

279KB
MD5

a6502c0a524bb780b5a3d8387c6a0a76
SHA1

7756f614ebb97e426dc99ad42ab3fa55416dfcaa
SHA256

318a14189b87bdb8b8304e6c0a2ea55869e39866e193025633231513ad780e23
SHA512

1878a24fc751046c02ae9bc77d5f2fdabe99c9bd53790138c12d4480dd115e7ecbb1e55fa8415d0cf1b1cecdf448fc88ed2dd93b4fc7d91ad3203796368dbc76
SSDEEP

6144:XUf+h/9/nwcAVgC5A2zx0RPOES/Cjf70Bxqq/9tLjbxTwex:Ef+j/wNGC12RPOES/CT4xLh8U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_a6502c0a524bb780b5a3d8387c6a0a76

Files

JaffaCakes118_a6502c0a524bb780b5a3d8387c6a0a76
.exe windows:4 windows x86 arch:x86

6f0780e48fded9b151362e1acdea188d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathW

advapi32

OpenThreadToken
SetServiceStatus
OpenServiceW
RegisterEventSourceW
CloseServiceHandle
ReportEventW
OpenSCManagerW
ControlService
OpenProcessToken
DeleteService
DeregisterEventSource
RegEnumKeyExW
CreateServiceW

kernel32

SetThreadPriority
FindClose
OpenThread
GlobalAddAtomW
FindNextFileW
GetSystemTimeAsFileTime
DeleteFileW
SetPriorityClass
GetStartupInfoW
CreateDirectoryW
GetProcAddress
ResumeThread
EnterCriticalSection
LeaveCriticalSection
CopyFileW
EnumResourceLanguagesW
CreateFileW
ReleaseMutex
GetCurrentProcessId
LoadLibraryExW
GetFileAttributesW
LoadModule
GetTickCount
LoadResource
DeviceIoControl
QueryPerformanceCounter
ExitProcess
FindFirstFileW
GetModuleHandleA
OutputDebugStringW
GetCommandLineW
GetExitCodeThread
GetDriveTypeW
FindResourceW

setupapi

CM_Get_Sibling
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

ole32

CoTaskMemAlloc
CoInitialize
CoRegisterClassObject
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoRevokeClassObject
StringFromGUID2
CoTaskMemRealloc
CoInitializeSecurity

Sections

.text
Size: 135KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f0780e48fded9b151362e1acdea188d

Headers

File Characteristics

Imports

shell32

advapi32

kernel32

setupapi

ole32

Sections

.text Size: 135KB - Virtual size: 270KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 140KB - Virtual size: 140KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 135KB - Virtual size: 270KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 140KB - Virtual size: 140KB

.rsrc
Size: 512B - Virtual size: 4KB