43a65c2b08be3c26a0fba6afe455e101_JaffaCakes118

General

Target

43a65c2b08be3c26a0fba6afe455e101_JaffaCakes118
Size

184KB
MD5

43a65c2b08be3c26a0fba6afe455e101
SHA1

20080a4c0ec6c48efcec3173a2b45f3f72ed308f
SHA256

a70a530850bffadfc55039e4195adeae87e6ccbcdb759efec691a982ce254166
SHA512

95da65168d95e26f5d39e65fbbc441ed3f2f7fec2603360a079f45554bd480168ac9505f93eefaab0ff9282f0d120eb92e4d6acbd980739e6fc85e7440bcfe40
SSDEEP

3072:m+7gUanoa4wmIyLLcZSz7scZboqi8l/FeWgbo:m+7OcLgZwtZRFo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43a65c2b08be3c26a0fba6afe455e101_JaffaCakes118

Files

43a65c2b08be3c26a0fba6afe455e101_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a5102c22ae3c9a8134c281b55ab5d3af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
DeleteFileA
GetSystemDirectoryA
GetModuleHandleA
FindResourceA
LoadResource
SizeofResource
LockResource
CreateProcessA
GetLastError
WaitForSingleObject
GetExitCodeProcess
GetModuleFileNameA
CloseHandle
GetStringTypeA
LCMapStringW
LCMapStringA
ReadFile
SetEndOfFile
LoadLibraryA
GetProcAddress
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WriteFile
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
SetStdHandle
FlushFileBuffers
SetFilePointer
CreateFileA
MultiByteToWideChar
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
GetStringTypeW

advapi32

QueryServiceStatus
DeleteService
OpenSCManagerA
OpenServiceA
CloseServiceHandle
ControlService

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5102c22ae3c9a8134c281b55ab5d3af

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 136KB - Virtual size: 132KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 136KB - Virtual size: 132KB