ff98ee20e1de40a4009173b2a03b1bd0_JaffaCakes118

General

Target

ff98ee20e1de40a4009173b2a03b1bd0_JaffaCakes118
Size

208KB
MD5

ff98ee20e1de40a4009173b2a03b1bd0
SHA1

d99020d619e1ef5b97f4d732efb0ff6bbeda8c79
SHA256

75e7eae75ef28543c7604c83c6095ef080f179ff4924cd9daeb74ff1f54d7598
SHA512

c2870ebb4b4b588eebd500d410645f06ac3f862b7f3dbff3c9fd7b2082016a42d93999ac997718aad82de8732c21f404b18afb829fe51796d97ad13920731924
SSDEEP

3072:oWORRniQMbcCHbBaASUYgufG/J02Gh3NL5r7CX30LLvE8GaHufSc6XxdmauZt0P0:obI7Ru+q2Mf6EGaHucHotk0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff98ee20e1de40a4009173b2a03b1bd0_JaffaCakes118

Files

ff98ee20e1de40a4009173b2a03b1bd0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1051bf45f6e229277cabd6ae8a9a152d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
FreeResource
WriteFile
CreateFileA
LockResource
LoadResource
SizeofResource
FindResourceA
GetModuleHandleA
DeleteFileA
GetSystemDirectoryA
GetCurrentProcess
GetVolumeInformationA
GetVersionExA
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetFileSize
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapAlloc
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
SetFilePointer
ReadFile
TerminateProcess
FreeEnvironmentStringsW

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1051bf45f6e229277cabd6ae8a9a152d

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 19KB

.rsrc Size: 168KB - Virtual size: 165KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 168KB - Virtual size: 165KB