1815ac48c59dbe293773ac242f85df56_JaffaCakes118

General

Target

1815ac48c59dbe293773ac242f85df56_JaffaCakes118
Size

241KB
MD5

1815ac48c59dbe293773ac242f85df56
SHA1

2ac9586a7a1a6c8284b632b9c817361c6b3c286e
SHA256

6f089b5c81d2faa7e48e73e5c77d2204bf7b685bde289ab7e16b49634811a879
SHA512

083b95785b3b451b716b1407b07a382f68284277b3bc1d4e89add7c57f5f87c0cdca1eb919def595fe18a45e1905d42dd08f2ed595bb7262c2893559d115c678
SSDEEP

3072:ulGb5OOJYGX5WdfiW0zTjza6gcEBRtu7lJEw7iVHwUnGWl6di2fGcffHJ6aJRLgT:ulQYM2uSxdGJB7iVH5nd3cpjnLsJ6p2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1815ac48c59dbe293773ac242f85df56_JaffaCakes118

Files

1815ac48c59dbe293773ac242f85df56_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44ec7e47402caa9c3483f6fc36c6b077

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrW
StrChrW

kernel32

GetModuleHandleA
GetStartupInfoA
FormatMessageW
LocalAlloc
Sleep
GetCommandLineW
SetErrorMode
FreeLibrary
GetLastError
GetProcAddress
LoadLibraryW
lstrlenW
lstrcmpW
lstrcpynW
CreateFileW
ReadFile
WriteFile
CloseHandle
GetFileSize
SetFileAttributesW
MoveFileExW
DeleteFileW
lstrlenA
GetLocalTime
lstrcpyW
GetSystemDirectoryW
WideCharToMultiByte
MultiByteToWideChar
ExitProcess
LocalFree

user32

wsprintfW

advapi32

RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegCreateKeyExW

shell32

CommandLineToArgvW

ole32

CoInitialize

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

msvcrt

__dllonexit
_exit
??1type_info@@UAE@XZ
free
_except_handler3
_initterm
__getmainargs
_acmdln
exit
_CxxThrowException
strlen
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_XcptFilter
_onexit
memset
_controlfp
memcpy
__CxxFrameHandler
??2@YAPAXI@Z

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 203KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44ec7e47402caa9c3483f6fc36c6b077

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

shell32

ole32

msvcp60

msvcrt

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 203KB - Virtual size: 202KB

.data Size: 1024B - Virtual size: 852B

.rsrc Size: 1024B - Virtual size: 928B

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 203KB - Virtual size: 202KB

.data
Size: 1024B - Virtual size: 852B

.rsrc
Size: 1024B - Virtual size: 928B