773d5a0003afe112ea21eb6826567c97_JaffaCakes118

General

Target

773d5a0003afe112ea21eb6826567c97_JaffaCakes118
Size

23KB
MD5

773d5a0003afe112ea21eb6826567c97
SHA1

8b9610f0d42dd71b61a06407c4961a41a6e2f8b5
SHA256

50441e732f97791e99fcfb8b7acb67940491ecb980a559bf54ef5a80036c50a1
SHA512

45b36fe9c4a918b9dbaaaed31f145860c3318c3abb410b12cd5424eced5f60c1b6005f5e00d5770393768588724eaab859417a71a9a4e82d916d852d6980d635
SSDEEP

384:PByWLSsfzvYZZWui6SMEaSBQ9TIxt9ygTonDkmbC2fgD7VSTWDgugEr+CcEEWweJ:PA2Oxi6ScuxLEkmJfoxS6aCcE1J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
773d5a0003afe112ea21eb6826567c97_JaffaCakes118

Files

773d5a0003afe112ea21eb6826567c97_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8016de4024caf40983b77f8c7ddf90c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
ExpandEnvironmentStringsA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsFree
SetLastError
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
HeapDestroy
HeapCreate
VirtualFree
HeapFree
HeapAlloc
LeaveCriticalSection
EnterCriticalSection
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
RtlUnwind
VirtualProtect
GetSystemInfo
VirtualQuery

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8016de4024caf40983b77f8c7ddf90c5

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 1024B

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 1024B