77a5f92ae646ff1683600a7196907944_JaffaCakes118

General

Target

77a5f92ae646ff1683600a7196907944_JaffaCakes118
Size

38KB
MD5

77a5f92ae646ff1683600a7196907944
SHA1

381a60d26e6ade538c9fb04575b15279308d7927
SHA256

58d8975fa357336929363072c0a06bc2800e8e0b6363b7adea06d8197eb08aec
SHA512

e625aada2ba4ae9f4d1bc6ef848ea489dc50521871700b12e2db303906c52b307d6729c4557adb07276107a9ec5cf5b1a31f0660b78f5b1f565521616db87491
SSDEEP

768:0hHootGDOwQmq3EoBUEe77IiDr9La6j/mRqp:qIotGyQlEePIif5a6j1p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77a5f92ae646ff1683600a7196907944_JaffaCakes118

Files

77a5f92ae646ff1683600a7196907944_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea9d3308878eb99b08c0ba468fa757cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

atoi
_controlfp
free
_itoa
rand
__p__commode
_strnicmp
_acmdln
malloc
srand
__getmainargs
_initterm
time
__setusermatherr
_adjust_fdiv
strncpy
_XcptFilter
sprintf
_exit
__p__fmode
strstr
__set_app_type
_stricmp
_except_handler3
exit

kernel32

TerminateProcess
GetLogicalDrives
CreatePipe
FindNextFileA
CopyFileA
OpenProcess
FindClose
CreateFileA
GetEnvironmentVariableA
GetStartupInfoA
CreateProcessA
FileTimeToLocalFileTime
GetCurrentProcess
ReadFile
CloseHandle
GetModuleHandleA
LoadLibraryA
CreateToolhelp32Snapshot
Module32First
Process32Next
Sleep
FindFirstFileA
SetFilePointer
GetFileSize
PeekNamedPipe
GetProcAddress
GetLastError
WriteFile
Process32First
FreeLibrary
GetDriveTypeA
FileTimeToSystemTime
DeleteFileA

advapi32

RegQueryValueExA
OpenProcessToken
RegCloseKey
AdjustTokenPrivileges
LookupPrivilegeValueA
RegOpenKeyExA

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea9d3308878eb99b08c0ba468fa757cb

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

Sections

.text Size: 33KB - Virtual size: 32KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 33KB - Virtual size: 32KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB