61e8938c7bf4f13f92e0b22ee474c2a6_JaffaCakes118

General

Target

61e8938c7bf4f13f92e0b22ee474c2a6_JaffaCakes118
Size

180KB
MD5

61e8938c7bf4f13f92e0b22ee474c2a6
SHA1

f424252aba5e39ebe8f4f376f696a964f59751b2
SHA256

8d21bf0463ddc045758ef0939f3967673b45d6dca8c81bbf79e66a7e784fbf72
SHA512

0fd61f343c1a73b5c8adeff7f0d878aaa77b76df13663cf141be7c8d1806b097df9bd97cd9bafc4797fc8897a78e01d712f643ea976027b5cd33fc38fa967ab3
SSDEEP

1536:jBJHhkCgTVocbQEzZYTflmyPW7emABnHhEcQdQddZ4ZB6STVTmCy:dhOCgTVocbnqflfdmA/EfQdj42STQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61e8938c7bf4f13f92e0b22ee474c2a6_JaffaCakes118

Files

61e8938c7bf4f13f92e0b22ee474c2a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

72f59db26f24f87b0f54ce671b8f5c2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetCommandLineA
GetProcAddress
HeapReAlloc
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapAlloc
VirtualAlloc
LoadLibraryA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegDeleteValueA

sis_lib

SiSReadPortULONG
SiSWritePortULONG

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

72f59db26f24f87b0f54ce671b8f5c2c

Headers

File Characteristics

Imports

kernel32

advapi32

sis_lib

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 156KB - Virtual size: 156KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 156KB - Virtual size: 156KB