5d3416f10d621a77b9770cccfe703300_JaffaCakes118

General

Target

5d3416f10d621a77b9770cccfe703300_JaffaCakes118
Size

116KB
MD5

5d3416f10d621a77b9770cccfe703300
SHA1

c162bf88e9eb4a806135c8fe8c27da248a36692d
SHA256

c9c556dd9d988a74c215d72776b0a1c7f25a15be095fc0cd128111775aeeb3c8
SHA512

96a3fb036c91176ca078ff7289d1c5ee16a884af18008cc7d5852e00bc2663fb3cf7a3726eac0090008213f1375f804a06e32beb797f6945a2f0d4153c64bbe0
SSDEEP

1536:3y/ImBuABo/7q8FzYMVRMrHumjUChmTRTJrBSWK1RDMotqothw:CxBxBo/7lFzYMVRMDuJK1G+qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d3416f10d621a77b9770cccfe703300_JaffaCakes118

Files

5d3416f10d621a77b9770cccfe703300_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5644f4b672506b5a9e6da8ee70f2b9ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
Process32Next
ExitProcess
Process32First
CreateToolhelp32Snapshot
LoadLibraryA
Sleep
CreateThread
GetSystemDirectoryA
GetModuleFileNameA
GetProcAddress
WriteProcessMemory
GetModuleHandleA
OpenProcess
CreateRemoteThread
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetStartupInfoA
GetCommandLineA
GetVersion
GetLastError
WriteFile
HeapFree
ReadFile
TerminateProcess
GetCurrentProcess
SetFilePointer
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
FlushFileBuffers
HeapAlloc
VirtualAlloc
HeapReAlloc
SetStdHandle
CreateFileA
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
MultiByteToWideChar
GetCurrentProcessId

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegDeleteKeyA

shell32

ShellExecuteA

shlwapi

PathStripPathA

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1009KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5644f4b672506b5a9e6da8ee70f2b9ca

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

shlwapi

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 1009KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 1009KB