75743c520b2c1ab8723b20db9afab7cc_JaffaCakes118

General

Target

75743c520b2c1ab8723b20db9afab7cc_JaffaCakes118
Size

328KB
MD5

75743c520b2c1ab8723b20db9afab7cc
SHA1

3be3c987b9de0cac1144ba9aca2e9e4b9466f7d3
SHA256

8529667c7c463feb5929f10cbbcb56d40eefcf750373494f01975cb68b255b9c
SHA512

3eb8710427b942f2f2f16b1750dc19d8790a20b38984b7343f4702fa0f058e1425483c6e7eaf5ed232211dd40c80f2e32366ab6428b3740b2bac060f7e657a68
SSDEEP

6144:ULixO3ott7g08Q1GD4p3DesKOLnieivd1dXETsA6UpK1VX5Xv:KGvJUD8zesKQTSAhp+1v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75743c520b2c1ab8723b20db9afab7cc_JaffaCakes118

Files

75743c520b2c1ab8723b20db9afab7cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f5cafab8a8c1460660ae7532ccd36b0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
Sleep
WideCharToMultiByte
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetProcAddress
MultiByteToWideChar
GetTickCount
FreeLibrary
FindClose
GetSystemDirectoryA
OpenMutexA
CreateMutexA
GetModuleFileNameA
RtlUnwind
ExitProcess
QueryPerformanceCounter
SetStdHandle
FlushFileBuffers
GetLastError
HeapAlloc
HeapFree
WriteFile
CloseHandle
GetStdHandle
LoadLibraryA
SetCurrentDirectoryA
lstrcmpiA
GetModuleHandleA
GetStartupInfoA
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GlobalFree
InterlockedExchange
GetCommandLineA
VirtualProtect
SetFilePointer
GlobalAlloc

user32

LoadBitmapA
DialogBoxParamA

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA

gdi32

DeleteObject

msvcr71

_c_exit
_onexit
__dllonexit
_except_handler3
_vsnwprintf
_initterm
_amsg_exit
free
memcpy
wcsstr
_wcsicmp
_adjust_fdiv
_XcptFilter
memset
_controlfp
_exit
_ismbblead
_cexit
exit
_acmdln
__getmainargs
__setusermatherr
__p__commode
__p__fmode
__set_app_type

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 296KB - Virtual size: 586KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5cafab8a8c1460660ae7532ccd36b0f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

msvcr71

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 296KB - Virtual size: 586KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 296KB - Virtual size: 586KB

.rsrc
Size: 4KB - Virtual size: 1KB