3e371f344624d28ef600f81bd4d79002_JaffaCakes118

General

Target

3e371f344624d28ef600f81bd4d79002_JaffaCakes118
Size

31KB
MD5

3e371f344624d28ef600f81bd4d79002
SHA1

b710bae3366669084d3d0389fbc3005944eaaab7
SHA256

d2dfa9150bde805547c947e0c4510685cb7e3f59205aac5db76a59c5fbe226a4
SHA512

6eda7d56b5d9b532212a2ccc98a20d86fd35fd6c10c5a5e457d80855fb0449e15437668521f066edd9062f40479711167115332258bc3b882b87cccb781dc948
SSDEEP

768:j+01d/PfJC60FSsjQAa2C7M7266ZMVLT:j+01NPfb0w4a2C7E6ZMV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e371f344624d28ef600f81bd4d79002_JaffaCakes118

Files

3e371f344624d28ef600f81bd4d79002_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6df0259905be6d277a2fdb190eb9530

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
ExitThread
GetTickCount
WaitForSingleObject
CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetLocaleInfoA
GetVersionExA
LoadLibraryA
GetProcAddress
GetModuleHandleA
GlobalUnlock
GlobalLock
Sleep
GetWindowsDirectoryA
ExpandEnvironmentStringsA
GetModuleFileNameA
GetTempPathA
ReleaseMutex
CreateMutexA
TerminateThread
GetFileAttributesA
CopyFileA
SetFileAttributesA
ReadFile
SetFilePointer
lstrlenA
GetFileSize
GetSystemTime
ExitProcess
CreateThread
GlobalAlloc
LocalFree
GetStartupInfoA
GetLastError

user32

ShowWindow
CloseClipboard
SetClipboardData
EmptyClipboard
SetForegroundWindow
BlockInput
SetFocus
keybd_event
VkKeyScanA
OpenClipboard

msvcrt

_CxxThrowException
strcpy
sprintf
srand
memset
memcpy
strcmp
rand
atoi
strcat
free
malloc
strncpy
strlen
_vsnprintf
??2@YAPAXI@Z
strstr
strchr
_snprintf
strtok
memcmp
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
??1type_info@@UAE@XZ

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantInit
SysAllocString
VariantClear

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a6df0259905be6d277a2fdb190eb9530

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

ole32

oleaut32

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 5KB - Virtual size: 275KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 275KB