b375f57d25a368d33b16a39ab8048223_JaffaCakes118

General

Target

b375f57d25a368d33b16a39ab8048223_JaffaCakes118
Size

64KB
MD5

b375f57d25a368d33b16a39ab8048223
SHA1

ee0c80523e193678a0cdde19484e8d13b4647e5a
SHA256

77e28b2ceeae6a28dbdc313934e48cc318089fbc54c71e1f4a7b1898b968f9a1
SHA512

a95afadf4a59e6918776841fb8ea17c25f52fedfca60afa21ceafff7b61d8e87a5b406a3302a842a5ab8f22f5f81d323046f3ff3c52c1cf54b03b8f355b56cae
SSDEEP

768:3RJFhlTmhdpmBkV/LxrqHk4rhfAwGzVv3HbLnNV7HSnGDfsIjBoNEIkRDz:BJ5ihdpmK7Gn6vbLNV7HYsoNoRD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b375f57d25a368d33b16a39ab8048223_JaffaCakes118

Files

b375f57d25a368d33b16a39ab8048223_JaffaCakes118
.exe windows:4 windows x86 arch:x86

17c598c86ce20eebbd3ca1d516132781

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileA
DeleteFileA
RemoveDirectoryA
FindFirstFileA
FindClose
GetStringTypeW
GetStringTypeA
LCMapStringW
GetModuleFileNameA
CreateProcessA
WaitForSingleObject
CloseHandle
OpenFileMappingA
lstrlenA
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RaiseException
HeapFree
HeapAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetLastError
SetFilePointer
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetStdHandle
MultiByteToWideChar
LCMapStringA
FlushFileBuffers

user32

MessageBoxA
GetDesktopWindow

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17c598c86ce20eebbd3ca1d516132781

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 8KB - Virtual size: 4KB