734f7fd3277bcf2a9bace95d12829d0f_JaffaCakes118

General

Target

734f7fd3277bcf2a9bace95d12829d0f_JaffaCakes118
Size

108KB
MD5

734f7fd3277bcf2a9bace95d12829d0f
SHA1

434054b9c1fb789194324210d9dc253d8069060c
SHA256

549891aef8565b8cdb2ad43e39fb7f7948f677f27292c3ff11da8827fbab2717
SHA512

7bbd5d4531f79588690d9522162e8358cb027d8c8934fc903b880dd017e2efe09e7af12afc84e2710d4a404001236a9e7002bcf8f0e8a06959a02b0336b66137
SSDEEP

3072:5EJhcz6bmFM8A2qJMYv0Pckj8uAkptf0pb:OJhi6b6MZhF0UkIuLptqb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
734f7fd3277bcf2a9bace95d12829d0f_JaffaCakes118

Files

734f7fd3277bcf2a9bace95d12829d0f_JaffaCakes118
.exe .hta windows:4 windows x86 arch:x86 polyglot

3b45854e45f87cc6a6646e810942bc85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord1168
ord1567
ord354
ord268
ord5186
ord1979
ord665
ord3790
ord5583
ord6385

msvcrt

_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
??3@YAXPAX@Z
__getmainargs
time
srand
rand
strcpy
strcat
strlen
memset
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__CxxFrameHandler

kernel32

Sleep
FreeResource
SetFileAttributesA
LoadResource
SizeofResource
GetModuleFileNameA
GetEnvironmentVariableA
CreateFileA
WriteFile
WinExec
CreateProcessA
GetStartupInfoA
GetModuleHandleA
GetWindowsDirectoryA
GetSystemDirectoryA
FindResourceA
CloseHandle

advapi32

RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyA

shell32

ShellExecuteA

msvcirt

?freeze@strstreambuf@@QAEXH@Z
??6ostream@@QAEAAV0@H@Z
??0strstream@@QAE@XZ
??6ostream@@QAEAAV0@D@Z
?ends@@YAAAVostream@@AAV1@@Z
??6ostream@@QAEAAV0@P6AAAV0@AAV0@@Z@Z
?str@strstream@@QAEPADXZ
??_Dstrstream@@QAEXXZ
??6ostream@@QAEAAV0@PBD@Z
??6ostream@@QAEAAV0@PBE@Z
?rdbuf@strstream@@QBEPAVstrstreambuf@@XZ

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3b45854e45f87cc6a6646e810942bc85

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

advapi32

shell32

msvcirt

Sections

.text Size: 96KB - Virtual size: 96KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 96KB - Virtual size: 96KB

.rsrc
Size: 8KB - Virtual size: 8KB