0a450102c0d791261b95fbd75a31a494_JaffaCakes118

General

Target

0a450102c0d791261b95fbd75a31a494_JaffaCakes118
Size

256KB
MD5

0a450102c0d791261b95fbd75a31a494
SHA1

fa1fccc35831dfa9066302b514bae077e2e6b91f
SHA256

584cfd0ebe623a082e585b8f6b290b3a08d03f1c41cc8f96412a29c36e337a01
SHA512

dcec4578227d09f388675760d59eb60f2016b3fc3cbd1e38b14edccf9b0855c0a16fd40772a05eb318143e3ec932d2d50479ed79a2ba2315e656bc1b8eb2da4a
SSDEEP

3072:SQKySSiI+R4Aqt7bE5lHebIEvzT0s2rRsamQN6ahC1bBz7zU/WZAn53mkZ8f7QJp:wpI+R4R1eeb7T0s/76C1bxsUAnLZe732

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a450102c0d791261b95fbd75a31a494_JaffaCakes118

Files

0a450102c0d791261b95fbd75a31a494_JaffaCakes118
.exe windows:4 windows x86 arch:x86

91e7a70e55b5358720505ecf897a3342

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CreateFileA
WriteFile
GetLogicalDrives
DeviceIoControl
GetCurrentProcess
SetLastError
GetModuleFileNameA
WritePrivateProfileStringA
DeleteFileA
SetFileAttributesA
GetProcAddress
GetModuleHandleA
IsBadWritePtr
IsBadReadPtr
SetFilePointer
ReadFile
CloseHandle
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetOEMCP
HeapFree
HeapReAlloc
HeapAlloc
HeapSize
RtlUnwind
ExitProcess
TerminateProcess
GetCommandLineA
GetVersion
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetUnhandledExceptionFilter
IsBadCodePtr
SetStdHandle
FlushFileBuffers
GetCPInfo
GetACP
SetEndOfFile

shlwapi

PathAppendA
PathRemoveFileSpecA

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

91e7a70e55b5358720505ecf897a3342

Headers

File Characteristics

Imports

kernel32

shlwapi

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 276KB

.rsrc Size: 4KB - Virtual size: 1KB

.text Size: 168KB - Virtual size: 168KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 276KB

.rsrc
Size: 4KB - Virtual size: 1KB

.text
Size: 168KB - Virtual size: 168KB