3a78fd87256f25825a10f605d8d4b515_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3a78fd87256f25825a10f605d8d4b515_JaffaCakes118
Size

88KB
MD5

3a78fd87256f25825a10f605d8d4b515
SHA1

e64cf7335ad26c087eca882561522136ba131fcb
SHA256

c9a20568fa436ece85d3e8bc72df37e87fe77735172535502e22df762480bae0
SHA512

55f145c0c62fb0d81982166ae5939f08dde613536f24f720eaea21fc404874217926efd28c4e93135944888c8177c7928c6a6ff78e95ab22a1c2013dab29595e
SSDEEP

1536:l/inTv+oQzz6nyPqMvw4GJETv/WZd7uTKl8ro7UnAYv5FHDXk3+:l/+v+oQn6nyPrwpJaXWDOKlP76Bvj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a78fd87256f25825a10f605d8d4b515_JaffaCakes118

Files

3a78fd87256f25825a10f605d8d4b515_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ce15837fdd17538d48b44ac07255b784

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomW
OpenFileMappingA
GetLastError
CreateDirectoryA
GetLocalTime
FindAtomW
FindAtomA
OpenFile
GetCPInfo
GetFileTime
CopyFileExW
CopyFileA
GetStdHandle
GetPriorityClass
ExitThread
DeleteAtom
FreeResource
CopyFileExA
FindClose
GetLastError
DeleteAtom
GetCommandLineA
AddAtomW
WriteFile
ReadFile
GetCPInfo
GetStdHandle
GetFileType
CopyFileExW
DeleteFileA
OpenFile
FindAtomW
GetCPInfo
GetLastError
GlobalFree
DeleteFileA
CopyFileA
FindAtomA
FatalExit
GetLocalTime
ExitThread
DeleteAtom
AddAtomA
OpenFileMappingA
GetStdHandle
GetFileType
CreateDirectoryA
GetFileTime
CopyFileExW
GetLocalTime
AddAtomW
DeleteFileW
GetCommandLineA
GetFileType
CopyFileExA
OpenFile
GetStdHandle
FindAtomW
ExitThread
WriteFile
FindAtomA

advapi32

RegEnumKeyW
RegEnumKeyExA
RegDeleteKeyW
RegQueryValueA
RegQueryInfoKeyA
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueW
RegEnumKeyExW
RegDeleteValueW
RegFlushKey
RegQueryValueExW
RegEnumKeyW
RegGetKeySecurity
RegDeleteValueA
RegFlushKey
RegDeleteKeyA
RegQueryValueExA
RegQueryValueExW
RegQueryInfoKeyW
RegDeleteKeyW
RegEnumValueA
RegReplaceKeyW
RegEnumKeyExA
RegOpenKeyExW
RegEnumKeyA
RegEnumKeyA
RegQueryValueExW
RegEnumValueW
RegEnumKeyExA
RegCreateKeyExW
RegGetKeySecurity
RegQueryValueExA
RegReplaceKeyA
RegCreateKeyA
RegOpenKeyW
RegCreateKeyW
RegOpenKeyExA
RegLoadKeyW
RegFlushKey
RegLoadKeyA
RegQueryInfoKeyA

Sections

.itext
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 48KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 715B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce15837fdd17538d48b44ac07255b784

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.itext Size: 26KB - Virtual size: 26KB

.edata Size: 8KB - Virtual size: 8KB

.init Size: 48KB - Virtual size: 335KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 715B

.itext
Size: 26KB - Virtual size: 26KB

.edata
Size: 8KB - Virtual size: 8KB

.init
Size: 48KB - Virtual size: 335KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 715B