34c5b6680dd28a6def91b894f767fa20_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

34c5b6680dd28a6def91b894f767fa20_JaffaCakes118
Size

44KB
MD5

34c5b6680dd28a6def91b894f767fa20
SHA1

849f70f623ba465ee589ae969603275e6f9b0d7c
SHA256

c12811339cfdc75106c4d5064385ad4be893547baa317f17f341b4648c5c4250
SHA512

7d3d4228cee08e97e88807bda6cc65e3482158bb8c9465a753a76c860e1752fdd73e2813a538271e6b37368633365128d32d054b2c602deea6c19562a75e8293
SSDEEP

768:DKHpu1NuKcy8IhhJ7HcjzCqr2PACdCtF:DKggKcydhn7HcrNCdCL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34c5b6680dd28a6def91b894f767fa20_JaffaCakes118

Files

34c5b6680dd28a6def91b894f767fa20_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b89c7cdf8ce6e69d37072ec6cc4cc3f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
DeleteFileA
GetTempFileNameA
GetPrivateProfileStringA
MoveFileA
LocalAlloc
lstrcmpA
WriteFile
FindClose
CloseHandle
SetFileAttributesA
GetLastError
CreateEventA
GetFileAttributesA
CreateDirectoryA
WideCharToMultiByte
lstrcpynA
GetProfileStringA
WriteProfileStringA
lstrlenA
lstrcpyA
LocalFree
FindNextFileA
FindFirstFileA
SetFilePointer
GetVersion
ExitProcess
SetStdHandle
lstrcatA
FlushFileBuffers
RtlUnwind
HeapAlloc
HeapFree
GetProcAddress
HeapCreate
GetStdHandle
SetHandleCount
GetOEMCP
GetFileType
GetCPInfo
GetEnvironmentStringsW
GetACP
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LoadLibraryA
GetEnvironmentStrings
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW

user32

CharUpperBuffA
CharNextA
wsprintfA
MessageBoxA
LoadStringA
DispatchMessageA
UnregisterClassA
DestroyWindow
TranslateMessage
GetMessageA
RegisterClassA
CreateWindowExA
DefWindowProcA
PostQuitMessage

advapi32

RegSetValueExA
RegOpenKeyA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b89c7cdf8ce6e69d37072ec6cc4cc3f2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 16KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 105B

.data Size: 8KB - Virtual size: 9KB

.idata Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 20KB

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 105B

.data
Size: 8KB - Virtual size: 9KB

.idata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 20KB