3a58abd5d1d9a5ed56f3b2adb0648e3e_JaffaCakes118

General

Target

3a58abd5d1d9a5ed56f3b2adb0648e3e_JaffaCakes118
Size

8KB
MD5

3a58abd5d1d9a5ed56f3b2adb0648e3e
SHA1

180ffc9395dc3aa11a1c0294fe3fc28c948c550a
SHA256

9a206f6ab0d66ab02b3bd318b8fa27f14dff92adf382b2c3b1da70cdd8a53a7d
SHA512

f5dccd41cc8ea459c37e45c220a6faf8c35109c08dc87477443452b737d169e0e170a5fee66564fd01fbb96abf08a34d02d902658858d8dc12347a9c2039a362
SSDEEP

192:kmiTPACo3gq3zoT0RwsRkl4eg3EZyUAApx+mgG:0PALgq3zoTozeg3IyNApx+BG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a58abd5d1d9a5ed56f3b2adb0648e3e_JaffaCakes118

Files

3a58abd5d1d9a5ed56f3b2adb0648e3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

72ec095cde469a95842ebeedbe1d8dfd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
CreateProcessA
CreateFileA
GetProcessHeap
GetSystemTime
CreateMutexA
SetFilePointer
SetStdHandle
GetCurrentProcess
DisableThreadLibraryCalls
UnhandledExceptionFilter
InterlockedDecrement
LCMapStringA
FileTimeToSystemTime
GetModuleHandleA
GetTickCount
GetStartupInfoA
InterlockedExchange
HeapAlloc
HeapReAlloc
CreateEventW
SetConsoleCP
GetVersion
GetModuleHandleW
WriteConsoleA
lstrcmpiW
ReadFile
OpenEventW
GetSystemInfo
HeapDestroy
WriteFile
VirtualProtect
GetOEMCP
ExitProcess
GetCurrentThreadId
CloseHandle
FindResourceW
GetCommandLineW
GetACP

user32

KillTimer
GetMenu
SetCursor
DestroyWindow
GetSysColor
SendMessageA
LoadStringA
ShowWindow

msvcrt

??1type_info@@UAE@XZ
??2@YAPAXI@Z
__getmainargs
iswdigit
memcpy
_vsnprintf

advapi32

OpenThreadToken
RegCreateKeyExA
RegDeleteKeyW

gdi32

GetClipBox
DeleteDC
SetTextColor

version

GetFileVersionInfoSizeW

ole32

CoTestCancel

lz32

LZClose

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

72ec095cde469a95842ebeedbe1d8dfd

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

gdi32

version

ole32

lz32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 4KB - Virtual size: 16KB

.idata Size: 1024B - Virtual size: 2KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 16KB

.idata
Size: 1024B - Virtual size: 2KB