34751bbd77ff621384302920184171b9_JaffaCakes118

General

Target

34751bbd77ff621384302920184171b9_JaffaCakes118
Size

269KB
MD5

34751bbd77ff621384302920184171b9
SHA1

c9f001b85f3515d86ae609eff666efe65ea99a72
SHA256

4470aa142cf3b0b06433b585f61e1b3f752d72e6b243144b58a37c509ff8f6e9
SHA512

51c3aa1d5f3215887ef50af81a7dc4fa3a0a5d89b22ebf0cce606a98e52487aed0af53e6920a0ae917639816c132b86066ea57358918b4106c21aeebe5fa8589
SSDEEP

6144:i3OodSpJNJEIAR70IS1TogsLBiRF+hizO24XZEKnMt:gO2CREVAP1TovBiRF+hwO25

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34751bbd77ff621384302920184171b9_JaffaCakes118

Files

34751bbd77ff621384302920184171b9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4b07796283a0b607486ac0c5b3348772

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
ReadFile
SetFilePointer
WriteFile
CloseHandle
GetTickCount
GetProcessHeap
Sleep
DeleteFileA
ExitProcess
GetProcAddress
LoadLibraryA
CopyFileA
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GetTempPathA
VirtualProtectEx
SetThreadContext
GetThreadContext
GetLastError
GetSystemTime
VirtualAlloc
ResumeThread
VirtualAllocEx
lstrcatA
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemInfo
GetStartupInfoA
GetVersionExA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapFree
SetHandleCount
GetStdHandle
GetFileType
TerminateProcess
GetCurrentProcess
HeapAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
SetStdHandle
FlushFileBuffers
GetACP
GetOEMCP
GetCPInfo
HeapSize
SetEndOfFile

user32

GetWindowRect
GetWindowRgn

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b07796283a0b607486ac0c5b3348772

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 640B

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 640B