42eed8aec6b839f7989c93fbf78af79c_JaffaCakes118

General

Target

42eed8aec6b839f7989c93fbf78af79c_JaffaCakes118
Size

154KB
MD5

42eed8aec6b839f7989c93fbf78af79c
SHA1

2b06f56ee223deac6c4db261b36afcb3de92ee0c
SHA256

90233936406f6b5dc03c396e68cd3876a3174944456b4d0bd2319c50f9b8ba39
SHA512

17918c11eec2ccbaf7b98a1b5f06fb80638fffd8a767feed2304f30c8f09bfcd2154d781dbb88895427d3d83c268e7e11ece55fcfef2668dc71261bf34b83c56
SSDEEP

3072:JCakpBa8Gqx3B91cM2TWraVkBxfZUIY/ct6UjGnHOT:JCakGBKBnp2TWraVkvBO/ct6Uj4E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42eed8aec6b839f7989c93fbf78af79c_JaffaCakes118

Files

42eed8aec6b839f7989c93fbf78af79c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f0a947a68c0c87ac5b55c3bbf6cfc17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
CloseHandle
lstrlenA
WriteFile
SizeofResource
SetFileTime
LocalFileTimeToFileTime
FindFirstFileA
lstrcatA
GetSystemDirectoryA
CreateFileA
LoadResource
FindResourceA
GetTickCount
GetTempPathA
GetModuleHandleA
DeleteFileA
MoveFileA
GetLocalTime
GetModuleFileNameA
GetFileAttributesA
CopyFileA
Sleep
WinExec
GetWindowsDirectoryA
ReadFile
SetFilePointer
GetPrivateProfileStringA
WritePrivateProfileStringA
CreateDirectoryA
lstrcmpiA
OutputDebugStringA
ReleaseMutex
GetLastError
CreateMutexA
GetCommandLineA
CreateThread
GetCurrentThreadId
GetProcAddress
LoadLibraryA
RaiseException
InterlockedExchange
LocalAlloc
FreeLibrary
GetStartupInfoA

ntdll

RtlUnwind
strstr
strchr
strlen
_chkstk
memset

msvcrt

__p__commode
??2@YAPAXI@Z
exit
??3@YAXPAX@Z
rand
realloc
malloc
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
_strrev
__p__fmode
__set_app_type
_controlfp

Sections

Helples
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f0a947a68c0c87ac5b55c3bbf6cfc17

Headers

File Characteristics

Imports

kernel32

ntdll

msvcrt

Sections

Helples Size: 3KB - Virtual size: 3KB

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 142KB - Virtual size: 141KB

Helples
Size: 3KB - Virtual size: 3KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 142KB - Virtual size: 141KB