8817fc2b9da13a90e30a1fd2a3afe59d_JaffaCakes118

General

Target

8817fc2b9da13a90e30a1fd2a3afe59d_JaffaCakes118
Size

140KB
MD5

8817fc2b9da13a90e30a1fd2a3afe59d
SHA1

00cb7a587753ecbce9529f5f3e7eda06ba121b2b
SHA256

9f8813c79d58472262ad82d22b089cfdf3b0affe3db4cf8dc1cf7cc967f44bb3
SHA512

b2aeaa5d1d1a8d76c151b03336b308fe5ae8c5caf88a7f359853b6096a798aff071999d29ad843761e2c040dd9f6f6d685a1f2eaa2f8214b5ddabb1a43a66c7f
SSDEEP

3072:veBVltRoqgT0iCX3madhPoYYKXhwPNYHxq:virKTjCmad+J4hYKq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8817fc2b9da13a90e30a1fd2a3afe59d_JaffaCakes118

Files

8817fc2b9da13a90e30a1fd2a3afe59d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

75d1ec857f027982b67aa3aeab4414ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
HeapAlloc
GetProcessHeap
CloseHandle
HeapFree
HeapDestroy
MoveFileW
DeleteFileW
lstrcatW
lstrcpynW
lstrlenW
ReadFile
CreateFileW
HeapCreate
GetFileSize
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
lstrcpyW
WritePrivateProfileStringW
GetPrivateProfileIntW
MultiByteToWideChar
lstrlenA
LockResource
LoadResource
FindResourceW
OutputDebugStringW
LoadLibraryW
GetCommandLineW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetStringTypeA
SetConsoleCtrlHandler
GetStringTypeW
RtlUnwind
GetCommandLineA
FreeLibrary
ExitProcess
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
WideCharToMultiByte
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
GetModuleFileNameA
GetLastError
IsBadWritePtr
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
VirtualFree
VirtualAlloc
LoadLibraryA
SetStdHandle
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetProcAddress

user32

wsprintfW
LoadStringW

shell32

CommandLineToArgvW

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.7rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

75d1ec857f027982b67aa3aeab4414ee

Headers

File Characteristics

Imports

kernel32

user32

shell32

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 4KB - Virtual size: 2KB

.7rdata Size: 80KB - Virtual size: 80KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 2KB

.7rdata
Size: 80KB - Virtual size: 80KB