78ad70d608bc9a9e7b0e670c0369b1eb_JaffaCakes118

General

Target

78ad70d608bc9a9e7b0e670c0369b1eb_JaffaCakes118
Size

30KB
MD5

78ad70d608bc9a9e7b0e670c0369b1eb
SHA1

01e25a2260fc068f8e3c729c6f09531ff11bb28f
SHA256

1b2a5b92ceb9a5ae0d3600422430227b634435d2c4cf23420f71c2e70c16c2ce
SHA512

e6373da49621787d610c2a76b507b6b2b671330ac66f83ee0ef8f26dac3112f0a572c26382862a4d5415fcf152e1168e9b54bea335fdde96db0662a471637377
SSDEEP

384:xmJJWQBTLv1y4+1X6NCRJ1yz5Re1PtzgyC+Wk13kowG:xmJWQBTk4+N6MgsMza13ko

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78ad70d608bc9a9e7b0e670c0369b1eb_JaffaCakes118

Files

78ad70d608bc9a9e7b0e670c0369b1eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

761df5e4d94c921fc3610abcecd9baad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CreateEventA
OpenEventA
Sleep
CloseHandle
WriteFile
CreateFileA
GetSystemDirectoryA
ExitProcess
DeleteFileA
GetTempFileNameA
CreateThread
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetModuleHandleA
GetModuleFileNameA
MoveFileExA
lstrcpyA
lstrcatA
FindFirstFileA
CopyFileA
FindClose
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
GetStringTypeW

user32

DispatchMessageA
TranslateMessage
wsprintfA
GetMessageA

advapi32

RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey

comctl32

InitCommonControlsEx

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

761df5e4d94c921fc3610abcecd9baad

Headers

File Characteristics

Imports

kernel32

user32

advapi32

comctl32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 10KB - Virtual size: 10KB

.rsrc Size: 1024B - Virtual size: 928B

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 1024B - Virtual size: 928B