61de54da0ccbe3fb1a9cc4d448309aac_JaffaCakes118

General

Target

61de54da0ccbe3fb1a9cc4d448309aac_JaffaCakes118
Size

182KB
MD5

61de54da0ccbe3fb1a9cc4d448309aac
SHA1

fa1405a284724eb9cb486c5b25cde02df53c167d
SHA256

7f42ed0ee65ac7972584d2f8cd11be43119433a83940e12bde0ab736cbf311c9
SHA512

af88d69a6a233adff2ee4d6dcee4c64f55813bc9b5730f596bd7b45d16d75b302d82dfdc9665fb1a2a4c61ae295a1f856807426af4573f1e36bf973c2d971e5e
SSDEEP

3072:5i7hrEc15isbTeVBjqIW7Rlz66IVYoZ/9tbwLNJ6RbKYySDWl/d6o5n:5KExsUG7Rlz6BmwHRbKY5D3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61de54da0ccbe3fb1a9cc4d448309aac_JaffaCakes118

Files

61de54da0ccbe3fb1a9cc4d448309aac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae56d05abd7e5b571e05512315789829

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\zdeuh\ejuoyho\izodtiz.pdb

Imports

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

shell32

Shell_NotifyIconA

kernel32

FreeEnvironmentStringsW
FreeLibrary
GetCommProperties
GetCommandLineA
GetCurrentProcess
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileType
GetLastError
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStdHandle
GetStringTypeA
GetStringTypeW
GetVersion
HeapAlloc
FreeEnvironmentStringsA
HeapDestroy
HeapFree
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
RequestWakeupLatency
RtlUnwind
SetCommTimeouts
SetHandleCount
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForMultipleObjectsEx
WaitForSingleObject
WideCharToMultiByte
WriteFile
_lread
lstrcpyA
ExitProcess
CreateRemoteThread
CancelIo
AllocateUserPhysicalPages
HeapCreate

gdi32

StretchBlt
SetTextColor
SelectObject
GetRelAbs
DeleteObject
BitBlt

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae56d05abd7e5b571e05512315789829

Headers

File Characteristics

PDB Paths

Imports

advapi32

shell32

kernel32

gdi32

Sections

.text Size: 129KB - Virtual size: 129KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 30KB - Virtual size: 31KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 129KB - Virtual size: 129KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 30KB - Virtual size: 31KB

.rsrc
Size: 9KB - Virtual size: 8KB