Static task: static1
Behavioral task: behavioral1
Sample: 5b619a790b1eadfd33b1ce021214756b_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 5b619a790b1eadfd33b1ce021214756b_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 5b619a790b1eadfd33b1ce021214756b_JaffaCakes118
Size: 60KB
MD5: 5b619a790b1eadfd33b1ce021214756b
SHA1: 77dcfe138e2135dfd9c2696c5cf4953ff5344885
SHA256: 10b84de8422fef5cbbf5ad90aa81a809142e15cbbbd4f0bda993e29372ccb668
SHA512: 302c80565327bc870487279351d63ddfde7e7781f643a6a764e2989fdf97338792cd78fa9ab58b794b6efadf22d8b8fc15e23fd2955ade1db6a4cdf0ae6bc9e0
SSDEEP: 768:1R7OzEMgbIs0yMcoS1HVsclLmeloQQG22Pnpk+Pup5k:Pv/IsZMsDlDRq2vSp5
Malware Config
Signatures
Unsigned PE: 1 IoC
Checks for missing Authenticode signature.
Resource: 5b619a790b1eadfd33b1ce021214756b_JaffaCakes118
Files
5b619a790b1eadfd33b1ce021214756b_JaffaCakes118.exe windows:4 windows x86 arch:x86
d3bb19ca190918b1e3d2ab22f92f95bd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteFileA
GetFileAttributesA
SetFileAttributesA
RemoveDirectoryA
CreateDirectoryA
WriteFile
GetOverlappedResult
GetLastError
ReadFile
CopyFileA
WaitForMultipleObjects
CreateEventA
DisconnectNamedPipe
FlushFileBuffers
LocalFree
LocalAlloc
CreateNamedPipeA
ConnectNamedPipe
MoveFileA
CreateProcessA
CreateFileA
CreateThread
CloseHandle
WaitForSingleObject
ResetEvent
SetEvent
GetCommandLineA
GetVersion
ExitProcess
WideCharToMultiByte
HeapAlloc
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
SetFilePointer
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
advapi32
InitializeSecurityDescriptor
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
AllocateAndInitializeSid
Sections
.text Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE