8376cb293ce03e340acb05294cfa6b0e_JaffaCakes118

General

Target

8376cb293ce03e340acb05294cfa6b0e_JaffaCakes118
Size

20KB
MD5

8376cb293ce03e340acb05294cfa6b0e
SHA1

1d273552c640fcf223c9d9ab21503e7c1361f1e3
SHA256

92a895d9e728ab19001714185a168495b6cdbe190b908d8a10b55dc0e9564ca0
SHA512

2645af05dcecb04511784322af5f922e7396319441dfb314d2fecc4e29c95ba06b01f9159e2d015279622a2c008c626e30550bb65f78b30e81fc2ed40f927289
SSDEEP

384:1jMi8y5iK0DoKpBe/pQAQStmldlZyycU+b0njzKJPpt9G:1jvds9tSGyP0jzKJPpto

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8376cb293ce03e340acb05294cfa6b0e_JaffaCakes118

Files

8376cb293ce03e340acb05294cfa6b0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8b608ec22d1f7e71875c2d36a71fffb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
MultiByteToWideChar
ReadFile
GetFileSize
GetModuleFileNameA
WinExec
GetSystemDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
ExitProcess
CreateProcessA
CopyFileA
SetFilePointer
HeapReAlloc
VirtualAlloc
HeapAlloc
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
WriteFile
CloseHandle
LoadLibraryA
GetProcAddress
DeleteFileA
FreeLibrary
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW

user32

DispatchMessageA
LoadIconA
wsprintfA
PostQuitMessage
SetTimer
DefWindowProcA
KillTimer
RegisterClassA
CreateWindowExA
GetMessageA
TranslateMessage

advapi32

RegFlushKey
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegCreateKeyA

shell32

Shell_NotifyIconA
ShellExecuteA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d8b608ec22d1f7e71875c2d36a71fffb

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 5KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 5KB