77d6abf72148151476179cf52b505014_JaffaCakes118

General

Target

77d6abf72148151476179cf52b505014_JaffaCakes118
Size

152KB
MD5

77d6abf72148151476179cf52b505014
SHA1

a43e6a3bc80a1faee8f69e1266bf5e3c64dce15f
SHA256

3c7d76f345963b434a860ea0733f4202f05484f5fb488738bcc3c64b0b7f42a8
SHA512

4a2ad35f9b306f6fcb404f66fb47ac60efb2fadb4aae098894034ec3f420224fad3d07a90fbae68f6a3a18d3d1727c00a23807bda6ef2db872e31402fcdfef8b
SSDEEP

1536:OU1mMcxkS5pcpX56B8N9ntsOFnzhzHxchA+t8GgpxD1ZtuYsZf1zwQh:aBkSLcXntskzIyaJgvD1ZtuYsp1zwQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77d6abf72148151476179cf52b505014_JaffaCakes118

Files

77d6abf72148151476179cf52b505014_JaffaCakes118
.exe windows:4 windows x86 arch:x86

77e6941d930a3b8dbcc8bdfd50d9ce9c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
GetLastError
GetLocalTime
GetVersionExA
GetFileAttributesA
GetFileSize
GetProcAddress
LoadLibraryA
GetDriveTypeA
CreateMutexA
Sleep
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
ReadFile
GetTempPathA
GetFullPathNameA
GetCurrentDirectoryA
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetTimeZoneInformation
GetSystemTime
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
RaiseException
HeapFree
HeapReAlloc
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
FlushFileBuffers
SetFilePointer
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
SetStdHandle

shell32

SHGetFolderPathA
SHGetSpecialFolderPathA
ShellExecuteA

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 4KB - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77e6941d930a3b8dbcc8bdfd50d9ce9c

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 20KB - Virtual size: 27KB

.sxdata Size: 4KB - Virtual size: 124B

.rsrc Size: 40KB - Virtual size: 36KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 20KB - Virtual size: 27KB

.sxdata
Size: 4KB - Virtual size: 124B

.rsrc
Size: 40KB - Virtual size: 36KB