1aae4e0202d97af0eca5f1655e0229bf_JaffaCakes118

General

Target

1aae4e0202d97af0eca5f1655e0229bf_JaffaCakes118
Size

44KB
MD5

1aae4e0202d97af0eca5f1655e0229bf
SHA1

7c0427c70c149a0013a19813b0eb69f672b62d28
SHA256

794a52cf0723583f5a6c412887c991cfbc0d0172944fa3d789cfd1dfbc1e6bfe
SHA512

9383b21fc88fda5bc03a81630c5fd9f26b974e4f9964d8539a78262cc576214702bff1fe06a9344b873729f61a23e115d48224a7b4d832679678296bf47ad8f7
SSDEEP

768:X8yvy8r6XL+KIAEZxKmNdk565O07OBtLW/JlA:sy1r6XL+KIAEaMu6OqgKlA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1aae4e0202d97af0eca5f1655e0229bf_JaffaCakes118

Files

1aae4e0202d97af0eca5f1655e0229bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6836fe1de26031bf8e9331cd32263c10

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\My Projects\Eraser\Update\Release\Update.pdb

Imports

kernel32

GetLastError
RemoveDirectoryA
SetFileAttributesA
DeleteFileA
FindClose
FindNextFileA
FindFirstFileA
CreateProcessA
MoveFileA
Sleep
WaitForSingleObject
OpenProcess
CloseHandle
SetEvent
OpenEventA
GetModuleFileNameA
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
SetFilePointer
HeapAlloc
MultiByteToWideChar
VirtualProtect
VirtualAlloc
GetSystemInfo
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
SetStdHandle
GetStringTypeA
GetStringTypeW
ReadFile
HeapSize
LCMapStringA
LCMapStringW
FlushFileBuffers
GetLocaleInfoA

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6836fe1de26031bf8e9331cd32263c10

Headers

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 7KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 7KB