3d985f9fdee1e55e59eb99e280ad066a_JaffaCakes118

General

Target

3d985f9fdee1e55e59eb99e280ad066a_JaffaCakes118
Size

431KB
MD5

3d985f9fdee1e55e59eb99e280ad066a
SHA1

0a3673dc89860d9f1a1105e00a5f38448a815b4c
SHA256

6dc7269aa7d7c8785de0efdd99aa4a7380bbd112a1a516d4d86a739557bf31ed
SHA512

c9dab0605ee741cee2a313a90a45353fffc7edd2d910ea01194781b4eeea4fde03d3ad511dc8c981baffadaccaa8a14c6a82f31b877827eb4381c2981ac7d6b7
SSDEEP

6144:aMjjn28FKS9jM96IwCr/xFiQ2d6HsoR1sV9V/cvROmCjyeBGJq/l:aMjzRFHBdIwCDrA6hWVz0v/CyA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d985f9fdee1e55e59eb99e280ad066a_JaffaCakes118

Files

3d985f9fdee1e55e59eb99e280ad066a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b383ab90251e996f851ae6816a26bd2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
GetCommandLineA
GetModuleFileNameA
SetLocalTime
GetLocalTime
GetTempFileNameA
GetTempPathA
GetCurrentProcess
VirtualAlloc
ExpandEnvironmentStringsA
GetFileAttributesA
CopyFileA
CreateFileA
GetFileSize
GlobalAlloc
ReadFile
CloseHandle
DeleteFileA
GlobalFree
LoadLibraryA
GetProcAddress
WinExec
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree

user32

wsprintfA

advapi32

RegOpenKeyA
RegDeleteValueA
RegCloseKey

Sections

pp1
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

pp2
Size: 512B - Virtual size: 353B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

pp3
Size: 512B - Virtual size: 87B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

pp0
Size: 1024B - Virtual size: 687B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7b383ab90251e996f851ae6816a26bd2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

pp1 Size: 512B - Virtual size: 272B

pp2 Size: 512B - Virtual size: 353B

pp3 Size: 512B - Virtual size: 87B

pp0 Size: 1024B - Virtual size: 687B

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 328B

pp1
Size: 512B - Virtual size: 272B

pp2
Size: 512B - Virtual size: 353B

pp3
Size: 512B - Virtual size: 87B

pp0
Size: 1024B - Virtual size: 687B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 328B