0c578ac5104de797531f41291bde25e8_JaffaCakes118

General

Target

0c578ac5104de797531f41291bde25e8_JaffaCakes118
Size

132KB
MD5

0c578ac5104de797531f41291bde25e8
SHA1

4e9f4bec2d1393ad307cd350fc2a7b4f0dd69492
SHA256

99965958b5d3e83d04b9542cfc3ece5cc2c894d2c7e9d93fb1b59ad505c66d8e
SHA512

f4799f8ada12355826835ef13a3d1a50399baf89254ca117c1f8b535e71b9a4f7a13f59c542690298feb69688795424592e1608e20e2437da0230b9f65a3cc20
SSDEEP

1536:qV2maegVo3IKgypXyBy5DUg45QRJap5SP63VA0gdfBXcUMnC1WMS0kjXNcu/wTbZ:qVSea0IKwqJwxgtiC1uTq6Gr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c578ac5104de797531f41291bde25e8_JaffaCakes118

Files

0c578ac5104de797531f41291bde25e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bdb29a902020ea9385bec74571648a9e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
FreeLibrary
GetProcAddress
LoadLibraryA
ExpandEnvironmentStringsA
_lclose
_lwrite
_lread
_lcreat
_lopen
TerminateProcess
GetFileTime
CreateFileA
OpenMutexA
FindClose
FindNextFileA
CompareFileTime
FindFirstFileA
GetEnvironmentVariableA
DeleteFileA
Sleep
CreateProcessA
GetStartupInfoA
CloseHandle
GetModuleHandleA
WaitForSingleObject
ReleaseMutex
CopyFileA
GetFileType
GetTickCount
GetModuleFileNameA
HeapDestroy
LCMapStringA
GetStringTypeW
GetStringTypeA
GetCommandLineA
GetVersion
ExitProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
MultiByteToWideChar
GetVersionExA
LCMapStringW
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc

user32

wsprintfA

advapi32

RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

ole32

OleInitialize
OleUninitialize

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bdb29a902020ea9385bec74571648a9e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 13KB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 13KB