67ddad0519b5eeffd440a6c66a4097ac_JaffaCakes118

General

Target

67ddad0519b5eeffd440a6c66a4097ac_JaffaCakes118
Size

64KB
MD5

67ddad0519b5eeffd440a6c66a4097ac
SHA1

41a71f9ee71ef7b39d648245e0d23eaceba26843
SHA256

140e838dfc1b403defbd2ca31baf1ab589f274e6a3ad59e5fa818755976210eb
SHA512

aab4214c9bc2cc210501bb452d9b3232df810ffea85d07b25972ba3fd9a89dbe946820c971873e616f06d4c428c13a2ee3e29ac601f298d778103117d9378f0a
SSDEEP

768:GOO8Jwlvn9W4PJWijQt0fS+pA+n9jKFosJjcAulR3ObhUuT1:9O8JKfM4PUictISP2uosCflZObhUup

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67ddad0519b5eeffd440a6c66a4097ac_JaffaCakes118

Files

67ddad0519b5eeffd440a6c66a4097ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fd880157fe760a2a4d51bb508c31d09d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
lstrlenA
GetLocalTime
CloseHandle
CreatePipe
ReadFile
PeekNamedPipe
WinExec
MultiByteToWideChar
WriteFile
GetCurrentProcess
CreateFileA
lstrcmpiA
GetWindowsDirectoryA
GetSystemDirectoryA
GetModuleFileNameA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
SetPriorityClass
GetCurrentThread
SetThreadPriority
CreateProcessA
GetFileSize
ResumeThread
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
SetEnvironmentVariableA
RtlUnwind
GetFileType
GetStdHandle
GetTimeZoneInformation
GetSystemTime
HeapFree
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount

user32

DispatchMessageA
KillTimer
PostMessageA
SetTimer
GetMessageA
TranslateMessage

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegDeleteKeyA

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fd880157fe760a2a4d51bb508c31d09d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 32KB - Virtual size: 31KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 32KB - Virtual size: 31KB