2f80387ddc73de145a2fd78595b0e7f1_JaffaCakes118

General

Target

2f80387ddc73de145a2fd78595b0e7f1_JaffaCakes118
Size

116KB
MD5

2f80387ddc73de145a2fd78595b0e7f1
SHA1

eb3dba9b301bca5f1ce68e14a6d365da64d0e332
SHA256

1d8c3646d412639ba9ad90fe0ace9a6ba8668e4aafef389dcf8bcaf803302321
SHA512

bfd1348f2323dcabf107fd822e02f6147d1b2068d02fec15023824baa7e5e74cd8257ba362e59918a4cd144ba440331ab2f6311d8b5757035ab355f2204c00e9
SSDEEP

3072:F0Dw0ih4piEK1YleSVS1t+o3yNsIRxoJI6Wfi:F0k0ih4sEKCPVS1t+o3u7RY5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f80387ddc73de145a2fd78595b0e7f1_JaffaCakes118

Files

2f80387ddc73de145a2fd78595b0e7f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3d45d4ef707a28d267388fd5dcec437b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
lstrlenA
GetSystemDefaultLangID
GetFileAttributesA
ReadFile
lstrcpyA
GetFileType
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
HeapFree
HeapReAlloc
GetLastError
MultiByteToWideChar
GetCommandLineA
GetVersion
FlushFileBuffers
WriteFile
SetHandleCount
GetStdHandle
CreateFileA
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
SetFilePointer
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
GetStringTypeA
GetStringTypeW
SetStdHandle
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3d45d4ef707a28d267388fd5dcec437b

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 80KB

.crdata Size: 20KB - Virtual size: 20KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 80KB

.crdata
Size: 20KB - Virtual size: 20KB