341adc77db7b4ff604b37410f4878dec_JaffaCakes118

General

Target

341adc77db7b4ff604b37410f4878dec_JaffaCakes118
Size

43KB
MD5

341adc77db7b4ff604b37410f4878dec
SHA1

982fac4d1063e6f42bb4ef61125f22ac3e807cad
SHA256

e4c743c3f068ec08932f818ed40d68a68685e3f1551d8c27f9c96e6fcf1d86b9
SHA512

36aea26229114e1cdb3b37e11c6dbeb3d80d9bcbc2418fb5a6da3870dd78fba60bb46cb8cbe992dc12c98a0678f4fd5773f59c33a4b430b688d9ccabc03f3d4d
SSDEEP

768:tImdMUdivBwD4L9dOnBQsDBJISPBHe5HDkKUY4Gionuk8lhH1vbSP0hTFAcvfGmH:9iU+9p6BHPBHKkqfQhVvthTFAcmCpr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
341adc77db7b4ff604b37410f4878dec_JaffaCakes118

Files

341adc77db7b4ff604b37410f4878dec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

00a28be0b4b79ad33c3c62fed3f70bae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_strupr
sprintf
strstr
_except_handler3
memset
memcpy

advapi32

RegSetValueA
RegSetValueExA
RegEnumValueA
RegOpenKeyA
RegQueryValueA
RegCloseKey
RegCreateKeyExA

kernel32

CreateFileMappingA
WaitForSingleObject
lstrcpyA
UnmapViewOfFile
GetFileAttributesExA
ExpandEnvironmentStringsA
OpenMutexA
lstrcatA
GetModuleHandleA
lstrlenA
ExitProcess
Sleep
GetModuleFileNameA
FreeLibrary
GetCurrentProcessId
MapViewOfFile
OpenFileMappingA
GetVersionExA
SetErrorMode
CreateDirectoryA
LockResource
LocalAlloc
IsBadReadPtr
GetProcAddress
LoadLibraryA
FreeResource
DeleteFileA
SetFilePointer
CloseHandle
WriteFile
CreateFileA
GetTempFileNameA
GetTempPathA
LoadResource
SizeofResource
FindResourceA
GetFileAttributesA
MoveFileExA
MultiByteToWideChar
CopyFileA
TerminateProcess
ResumeThread
SetThreadContext
GetThreadContext
WriteProcessMemory
VirtualAllocEx
CreateProcessA
GetStartupInfoA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00a28be0b4b79ad33c3c62fed3f70bae

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 34KB - Virtual size: 34KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 34KB - Virtual size: 34KB