f370b84fe649b588aa145353740078ac_JaffaCakes118

General

Target

f370b84fe649b588aa145353740078ac_JaffaCakes118
Size

56KB
MD5

f370b84fe649b588aa145353740078ac
SHA1

1f6956ad6f5c4f5a4b85b3ca6a73267afc307f2e
SHA256

f4f2b8b473604e943bda2a62957e9e0ee7aaa39ac79982359bb8195ceadf13cd
SHA512

af719f5c63947ccac953059475986a99825eabd41840bea23c34649ce8bd8596bc58c537f60bf44076a8f5ab6d2906eb937c9aedaf26dd7c3bf68160d880ba39
SSDEEP

768:KuIrXbfxU+5Y7owI0HGq24kj0rrOijXXiB9P3aiedXW6UaKji1lc9N:KR1dMGq24kAXjcKied0H4lc9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f370b84fe649b588aa145353740078ac_JaffaCakes118

Files

f370b84fe649b588aa145353740078ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c09f91e80564b108e8964704a3c86b86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
WriteFile
CreateFileA
GetLastError
GetCommandLineA
GetLongPathNameA
GetTempPathA
WaitForSingleObject
CreateProcessA
ReadFile
LCMapStringW
LCMapStringA
SetStdHandle
LoadLibraryA
GetOEMCP
GetACP
Sleep
DeleteFileA
GetPrivateProfileIntA
GetSystemDirectoryA
GetWindowsDirectoryA
WritePrivateProfileStringA
MoveFileExA
OpenMutexA
CloseHandle
CreateMutexA
WideCharToMultiByte
ReleaseMutex
GetCPInfo
GetStringTypeW
GetStringTypeA
FlushFileBuffers
MultiByteToWideChar
IsBadCodePtr
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
HeapFree
HeapAlloc
SetUnhandledExceptionFilter
GetProcAddress
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
HeapSize
SetFilePointer
IsBadReadPtr

user32

WaitForInputIdle
DispatchMessageA
TranslateMessage
PeekMessageA
GetMessageA

advapi32

RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegFlushKey
RegCloseKey
RegSetValueExA

wininet

InternetQueryDataAvailable
InternetCloseHandle
InternetOpenA
InternetReadFile
InternetOpenUrlA

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c09f91e80564b108e8964704a3c86b86

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 8KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 8KB