822005f949feb9b0db9921f82375dd22_JaffaCakes118

General

Target

822005f949feb9b0db9921f82375dd22_JaffaCakes118
Size

52KB
MD5

822005f949feb9b0db9921f82375dd22
SHA1

384cfaf0f64b3f16abd5adeb33d1340ecba5b413
SHA256

934318970fc73a01d4bf5804486cdf2fcd3e1102ff55e6f8e2ca1ae0c161846a
SHA512

5bb641a6b0c504b25434a37bfebaca10216a09c7dc674f912ef9476213bf62402d2629c8dacaab9e57e34524b2de60c4c879b2c92a81b42db781998353f2b31f
SSDEEP

768:onIGa3l1z3ZRLQsFCQiDVtL+lGpQojtsTNA9tobZ2170i3sBED0z7lDpi:onIGa3v3ZhQJL+lW2RA9tx70i3sB5lk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
822005f949feb9b0db9921f82375dd22_JaffaCakes118

Files

822005f949feb9b0db9921f82375dd22_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9730f2c3641fc9d196e1e30b16f867c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ReadFile
WriteFile
CreateFileA
WaitNamedPipeA
FreeLibrary
GetProcAddress
LoadLibraryA
GetPrivateProfileStringA
GetModuleFileNameA
GetTempPathA
CreateEventA
OpenEventA
DeleteFileA
MoveFileExA
Sleep
WritePrivateProfileStringA
GetVolumeInformationA
GetFileSize
CompareStringW
CompareStringA
FlushFileBuffers
GetStringTypeW
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
GetLastError
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
SetEnvironmentVariableA

user32

wsprintfA

netapi32

Netbios

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9730f2c3641fc9d196e1e30b16f867c6

Headers

File Characteristics

Imports

kernel32

user32

netapi32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 17KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 17KB