63e91fb645c4d701f2fde9b04ddd2cef_JaffaCakes118

General

Target

63e91fb645c4d701f2fde9b04ddd2cef_JaffaCakes118
Size

40KB
MD5

63e91fb645c4d701f2fde9b04ddd2cef
SHA1

9a980bc165e980a0f50b3a438e9631d0fdde5fbb
SHA256

9034eaf7c8467996adcf0e81da2f64ee2a51bf995b4d19789e604a66be4a1be0
SHA512

09e3c429f2663e8e760928dbad7503b927eb537aed67d71faa3d5a8585bf2eb88c11fd45236ecaaa65228213e7208e5dc71866a9f6ac20be6a2caf7d3b482d91
SSDEEP

384:VHePnQ1oIyTl3Sj4qLOclaLsamlAodKvd3wp8LNyqPM2815os3O:t8n4xAl3FqqlsCv5wp8ZfPI15os3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63e91fb645c4d701f2fde9b04ddd2cef_JaffaCakes118

Files

63e91fb645c4d701f2fde9b04ddd2cef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f2e0f6e25b2cadc4d8fb42a127053460

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
CreateProcessA
LoadLibraryA
SetEndOfFile
SetFilePointer
GetProcAddress
FreeLibrary
lstrlenA
GetCommandLineA
GetVersionExA
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
HeapFree
GetLastError
CloseHandle
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
HeapAlloc
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
CreateFileA
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
ReadFile

user32

wsprintfA

advapi32

RegEnumKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hhqg
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f2e0f6e25b2cadc4d8fb42a127053460

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 7KB

.hhqg Size: 4KB - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 7KB

.hhqg
Size: 4KB - Virtual size: 4KB