73990fc4783a84c85e605c6b62df23de_JaffaCakes118

General

Target

73990fc4783a84c85e605c6b62df23de_JaffaCakes118
Size

331KB
MD5

73990fc4783a84c85e605c6b62df23de
SHA1

0b70aa46c36261a29521c8bb82032f3897a57216
SHA256

b1632c1c61182fd33bfc8e7570aba723cde04b3b2d9ac2383a06f8a2e04889d1
SHA512

f0535205eb6c79d444a146c95741b7d488c57e893900da61d5a19f6289f22a37ea0ef556fc701919a16e08d0d59b95b311960b5c95cb64151963e93af2eacb97
SSDEEP

6144:hY+8ps94jJwSe9qe989T1AcaNTW1/MKIZmmhq96+t+w4+F:hRkeI9RLiChMKIZm4y6+t+wt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73990fc4783a84c85e605c6b62df23de_JaffaCakes118

Files

73990fc4783a84c85e605c6b62df23de_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd70bfef07fb8972314e8b0e402b130c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
FreeLibrary
FindFirstFileA
FindNextFileA
GetLastError
FindClose
GetEnvironmentVariableA
GetWindowsDirectoryA
Sleep
SetFileAttributesA
GetLocalTime
GetSystemTimeAsFileTime
GetStartupInfoA
VirtualAlloc
VirtualQuery
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
HeapValidate
CloseHandle
ExitProcess
RtlUnwind
GetFileType
GetStdHandle
GetCurrentProcess
DuplicateHandle
SetHandleCount
GetCommandLineA
GetModuleFileNameA
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetFilePointer
ReadFile
GetConsoleMode
GetConsoleCP
GetConsoleOutputCP
WriteFile
SetStdHandle
DeleteFileA
SetConsoleCtrlHandler
CreateFileA
MultiByteToWideChar
WideCharToMultiByte
SetEndOfFile

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyA
RegQueryValueExA

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd70bfef07fb8972314e8b0e402b130c

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 9KB - Virtual size: 9KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 5KB - Virtual size: 5KB