07e7ef777639c8bec5eb08ba1629df73_JaffaCakes118

General

Target

07e7ef777639c8bec5eb08ba1629df73_JaffaCakes118
Size

196KB
MD5

07e7ef777639c8bec5eb08ba1629df73
SHA1

5c37ddbfdbc0fe628e6cdd38615a5d9dc4c82405
SHA256

433651f177c9aa9e24ce2ed05e38a9c0ceac3416b7639403404e38101a34ebe8
SHA512

7b76e5caed13d770e8cd2d2e01e5ded8dcf2345a9de677e2afe20d65bd44e514bff6b770010fe09f47cf820b579d410912dad4ed1a812c40d1fecd851e8587b0
SSDEEP

3072:oTD+mV+zGioF+BwIHVw8sGJU7QUNKUWnIYoH95:OV+SvhyVveNPpzX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07e7ef777639c8bec5eb08ba1629df73_JaffaCakes118

Files

07e7ef777639c8bec5eb08ba1629df73_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b92f52353c68d7ab08e795824025a798

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
FindResourceA
GetTempPathA
GetSystemDirectoryA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
ReadFile
SetEndOfFile
LockResource
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
CreateFileA
SetFilePointer
FlushFileBuffers
SetStdHandle
HeapReAlloc
VirtualAlloc
SizeofResource
LoadLibraryA
GetProcAddress
FreeLibrary
GetOEMCP
WinExec
HeapAlloc
RtlUnwind
VirtualFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetLastError
CloseHandle
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
SetEnvironmentVariableA

user32

MessageBoxA
LoadAcceleratorsA
EndDialog
DialogBoxParamA
DestroyWindow
DefWindowProcA
BeginPaint
GetClientRect
DrawTextA
EndPaint
PostQuitMessage
CreateWindowExA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
LoadStringA

advapi32

RegSetValueExA
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey
RegCreateKeyExA

ole32

OleInitialize
OleUninitialize

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b92f52353c68d7ab08e795824025a798

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 144KB - Virtual size: 141KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 144KB - Virtual size: 141KB