612989a88a0a40d85d62307b000e845f_JaffaCakes118

General

Target

612989a88a0a40d85d62307b000e845f_JaffaCakes118
Size

32KB
MD5

612989a88a0a40d85d62307b000e845f
SHA1

dabd8708ac563eba299c92a769e5ea2683c68bb5
SHA256

5efaa8bba1f9aba8b13551ed7241db0870c6730681279f8fd9545bfe87cfb320
SHA512

48550cd236f099126e152bc093cc414cbfa7a6ee441fa2706d9dea11e2f889ac7500ac7c927ee58dc96f2562f84a0507ad8c1f26d2bd787eeadfc06d4da1a510
SSDEEP

384:YeV7Lt+UsqreCo2POK5qivkmCQmDYjtthp/9dnmyq+Wj0dobq6ob:YINreCDPkiuQTldmfx0dCq6ob

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
612989a88a0a40d85d62307b000e845f_JaffaCakes118

Files

612989a88a0a40d85d62307b000e845f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fffa5bb6d89cccd6448ae884e54fc801

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetLastError
CreateEventA
OpenEventA
Sleep
WinExec
CreateThread
DeleteFileA
GetTempFileNameA
GetModuleHandleA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
HeapReAlloc
GetModuleFileNameA
MoveFileExA
lstrcpyA
lstrcatA
FindFirstFileA
FindClose
VirtualAlloc
HeapAlloc
GetOEMCP
GetStringTypeA
lstrcpynA
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetStringTypeW

user32

GetMessageA
DispatchMessageA
wsprintfA
ShowWindow
LoadIconA
TranslateMessage
CreateDialogParamA

advapi32

RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey

shell32

ShellExecuteA
Shell_NotifyIconA

comctl32

InitCommonControlsEx

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fffa5bb6d89cccd6448ae884e54fc801

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

comctl32

Sections

.text Size: 19KB - Virtual size: 18KB

.data Size: 11KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 19KB - Virtual size: 18KB

.data
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 1KB