78dcc7f2d2e429c266449a07d5ec5d30_JaffaCakes118

General

Target

78dcc7f2d2e429c266449a07d5ec5d30_JaffaCakes118
Size

242KB
MD5

78dcc7f2d2e429c266449a07d5ec5d30
SHA1

3509081e97407b93e3f60e8bf4bf1c45c141e5a0
SHA256

8fd27f242b02325fe2fe8e9e6058a0194a5ff20996b1ae7fbf8c60f017876e41
SHA512

5e7d684841b67e16a5d6a7eb38e21395e80e45a8ca4b927dccc0a02e9d24bdb61bd56c712137863e0e9a1eedc4910507336442d9ded17562b63644ba689cd157
SSDEEP

3072:nzF6VZ6n/VToO9dmzqJovpPX2q3ilu1VHM/sDKrlgYeg13ImuDFeyj1tlNwzcN5:np6VZYtT198zqmvpV3dDKrl11+JJ3Yc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78dcc7f2d2e429c266449a07d5ec5d30_JaffaCakes118

Files

78dcc7f2d2e429c266449a07d5ec5d30_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15c1ebf030807afa3cff20b1fc903475

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
lstrlenA
GetCommandLineA
TlsSetValue
GetCurrentDirectoryA
GetTempFileNameA
MoveFileW
GetStdHandle
EnumSystemLocalesA
IsBadCodePtr
LeaveCriticalSection
Beep
GetFileSizeEx
GlobalUnlock
SetFilePointer
GetCPInfo
SetEvent
OutputDebugStringA
GetQueuedCompletionStatus
CreateMutexA
GetThreadLocale
FormatMessageA
GetUserDefaultLangID
GetPrivateProfileStringA
GlobalSize
LoadResource
WritePrivateProfileStringW
UnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
RtlUnwind
GetCurrentThreadId
TlsAlloc
SetLastError
TlsGetValue
GetLastError
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
GetACP
GetOEMCP
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

yywyc
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

yaciaco
Size: 13KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mkicu
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

15c1ebf030807afa3cff20b1fc903475

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 19KB - Virtual size: 18KB

yywyc Size: 190KB - Virtual size: 190KB

yaciaco Size: 13KB - Virtual size: 15KB

mkicu Size: 18KB - Virtual size: 18KB

.text
Size: 19KB - Virtual size: 18KB

yywyc
Size: 190KB - Virtual size: 190KB

yaciaco
Size: 13KB - Virtual size: 15KB

mkicu
Size: 18KB - Virtual size: 18KB