098618b997ef79a72c7b34f1418be524_JaffaCakes118

General

Target

098618b997ef79a72c7b34f1418be524_JaffaCakes118
Size

444KB
MD5

098618b997ef79a72c7b34f1418be524
SHA1

582c52af11b06d10fe1752166a3fe5c89b4569b6
SHA256

b197a1ce3bb0461c2195e992e4d5b8d2000367f6f52991421fda5d0446670248
SHA512

f359894c82fad4baf3166fb7b84b66f5e416a9448c3849165823f557d181b370e968c2eed724751aab3024b6275638566336f3e396d1cc5395c4585b238b45d5
SSDEEP

12288:l8lmhLR6QXTFBFtCT1pxYkNYI4XdRA0x++kxc:qk7LFIp2kOI4A0xKx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
098618b997ef79a72c7b34f1418be524_JaffaCakes118

Files

098618b997ef79a72c7b34f1418be524_JaffaCakes118
.exe windows:4 windows x86 arch:x86

94f901eca2ff041bd16334017198245d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
lstrlenA
MultiByteToWideChar
CloseHandle
WriteFile
CreateFileA
GetTempPathA
GetProcessHeap
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
ReadFile
SetEndOfFile
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
IsBadWritePtr
GetProcAddress
TerminateProcess
GetCurrentProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
SetUnhandledExceptionFilter
HeapSize
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
LoadLibraryA
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
SetFilePointer
GetOEMCP
GetCPInfo

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

shell32

ShellExecuteA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 404KB - Virtual size: 407KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

94f901eca2ff041bd16334017198245d

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 404KB - Virtual size: 407KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 404KB - Virtual size: 407KB