839bb6cf68a71a02fffff07b1a590137_JaffaCakes118

General

Target

839bb6cf68a71a02fffff07b1a590137_JaffaCakes118
Size

394KB
MD5

839bb6cf68a71a02fffff07b1a590137
SHA1

6d5c7648c50db2b247eaa1f5d4c82db34aac0f4a
SHA256

4558e4532e27808197bd68880276e357e4f32bc15ab2ef29e53da35b259989b6
SHA512

1a0056d77bff7d97b015063f5e7c3a32d3a0127401554e1943c868c8dcb9877f255748d31f003321d08ebbfda070c8d72eddba628211221758a348b9d9f79aee
SSDEEP

6144:xc5oqK24Dg96SqCT0XPsxmEtj8HO6WVXyU+Ca7V4+SkefE68kLE/Z3R:xc7h4PSqCT0XP9du6W4GCV4+BkI/Zh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
839bb6cf68a71a02fffff07b1a590137_JaffaCakes118

Files

839bb6cf68a71a02fffff07b1a590137_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2d5c338514179938b6fa1e600bd0325d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
CreateProcessA
GlobalAlloc
lstrlenA
FindClose
FindFirstFileA
FindNextFileA
UnmapViewOfFile
GetFileSize
MapViewOfFile
CreateFileMappingA
FormatMessageA
GetTempPathA
SetFilePointer
GetWindowsDirectoryA
lstrcpyA
GetSystemDirectoryA
lstrcmpA
GetCommandLineA
GetVersionExA
ReadFile
WideCharToMultiByte
MultiByteToWideChar
GetTickCount
VirtualProtect
GetLocaleInfoA
GetStringTypeW
WriteFile
SetFileTime
GlobalFree
GetLocalTime
CloseHandle
GetStringTypeA
LCMapStringW
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetStartupInfoA
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
HeapReAlloc
HeapAlloc
HeapSize
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
GetSystemInfo

user32

MessageBoxA
wsprintfA

advapi32

RegQueryValueExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

shell32

ShellExecuteExA

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d5c338514179938b6fa1e600bd0325d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 10.0MB

.rsrc Size: 4KB - Virtual size: 16B

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 10.0MB

.rsrc
Size: 4KB - Virtual size: 16B