Static task: static1
Behavioral task: behavioral1
Sample: 2d9f7cca4d61e7d935b0318b4b912025_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 2d9f7cca4d61e7d935b0318b4b912025_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2d9f7cca4d61e7d935b0318b4b912025_JaffaCakes118
Size: 179KB
MD5: 2d9f7cca4d61e7d935b0318b4b912025
SHA1: f86d2c739b2a2a1aaf8791c4d4c387ce10507e80
SHA256: 1cbc1f11e7bcd7e15fe92066a79e2c2293abf600894a23686c6b838653f8a5fd
SHA512: 127d19c3081936c4f62ed7d328f5cbd3073631ac730e7c04095eb95edfc21f856570a4637909281a1e2fe4699a2a83c3261392c7360143e939efb1644b472570
SSDEEP: 3072:f4pFvEFsB1acUnaURXrF/zL+gZOZJOS7oTadkJLVi:fgvci1CnaC/ezPOadqV
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 2d9f7cca4d61e7d935b0318b4b912025_JaffaCakes118
Files
2d9f7cca4d61e7d935b0318b4b912025_JaffaCakes118.exe windows:4 windows x86 arch:x86
10000fdc163773c5083d8a5fe0716bca
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
sfc
SfcIsFileProtected
kernel32
CreateToolhelp32Snapshot
FreeLibrary
LocalAlloc
InterlockedExchange
HeapFree
GetProcAddress
GetModuleHandleA
HeapAlloc
GetProcessHeap
GetLastError
lstrcatA
ExitProcess
CreateDirectoryA
lstrlenA
SetEnvironmentVariableA
lstrcpyA
GetWindowsDirectoryA
GetTempPathA
MoveFileA
CloseHandle
SetFileTime
GetFileTime
GetSystemDirectoryA
SetFilePointer
WriteFile
CreateFileA
GetTickCount
lstrcmpiA
GetFileAttributesA
OpenEventA
GetModuleFileNameA
SetUnhandledExceptionFilter
Sleep
GetCommandLineA
WideCharToMultiByte
MultiByteToWideChar
DeleteFileA
SetFileAttributesA
Process32Next
GetCurrentProcessId
Process32First
GetStartupInfoA
LoadLibraryA
RaiseException
user32
wsprintfA
shlwapi
SHDeleteKeyA
msvcrt
_strnicmp
_strlwr
_itoa
strcat
strncat
strchr
strcpy
memset
strlen
??2@YAPAXI@Z
memcpy
??3@YAXPAX@Z
__CxxFrameHandler
_CxxThrowException
strncpy
strstr
rand
srand
_ftol
toupper
tolower
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_stricmp
_except_handler3
netapi32
NetUserGetLocalGroups
NetApiBufferFree
Sections
.text Size: 177KB - Virtual size: 177KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 880B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ