0a5ff143fc5e6e3b889a2ccdf12df577_JaffaCakes118

General

Target

0a5ff143fc5e6e3b889a2ccdf12df577_JaffaCakes118
Size

116KB
MD5

0a5ff143fc5e6e3b889a2ccdf12df577
SHA1

ccfc7d9db46114cf64b057be259fc337a8071a47
SHA256

c43e3c9502c926edb9e23395dcf12e877f5b265f673e76693d05aba7e63c4e44
SHA512

1b304abe52ad73f0881634c447c19bfb8b1c00765630152a984a3e443f7d5b5bb060fe67c7bcadc2b6cb97e39049e0fc98c8432db6bba005a680b5442684b98a
SSDEEP

3072:g4s46+e95AllGTuzyQS1ASJNy35LlHI5IwYj20:gGm5AMo61dw35LRR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a5ff143fc5e6e3b889a2ccdf12df577_JaffaCakes118

Files

0a5ff143fc5e6e3b889a2ccdf12df577_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10ab2e26184f12cbdf9c25d463e04e37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringA
CloseHandle
GetUserGeoID
GetGeoInfoA
WriteFile
GetLocaleInfoA
RtlUnwind
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapAlloc
GetACP
GetOEMCP
GetCPInfo
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
GetLastError
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
ExitProcess
GetProcAddress
HeapSize
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStringTypeA
GetStringTypeW
VirtualProtect
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetFilePointer
LoadLibraryA
SetStdHandle
FlushFileBuffers
RaiseException

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyA
RegEnumValueA
RegCreateKeyExA

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 68KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

10ab2e26184f12cbdf9c25d463e04e37

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 68KB - Virtual size: 72KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 68KB - Virtual size: 72KB