856932785fae209209d38c827fca88db_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

856932785fae209209d38c827fca88db_JaffaCakes118
Size

13KB
MD5

856932785fae209209d38c827fca88db
SHA1

4cefd32870bf13e7cc1e22ef2872feed4800a282
SHA256

9c7b426b2e190d4b2dd2c5e76a32a7d3e61b557c375a8c8da8c708818e6cebe8
SHA512

34091b51e9df58ab22b823216163f3ed0fbf0f576ce39cf6c7fb6aaf95a92780141e38e4d649a91111da11e201844d6cacaaab57589834d86fdd90f872a22015
SSDEEP

192:owPKi20KjRzy1ydqlsvqBEVIEKkDSLecln63PHdKsscTMW91/vXvf:owPO0oZk5BEVIEK2SLqYFcTMW9hvXvf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
856932785fae209209d38c827fca88db_JaffaCakes118

Files

856932785fae209209d38c827fca88db_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b383ab90251e996f851ae6816a26bd2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
GetCommandLineA
GetModuleFileNameA
SetLocalTime
GetLocalTime
GetTempFileNameA
GetTempPathA
GetCurrentProcess
VirtualAlloc
ExpandEnvironmentStringsA
GetFileAttributesA
CopyFileA
CreateFileA
GetFileSize
GlobalAlloc
ReadFile
CloseHandle
DeleteFileA
GlobalFree
LoadLibraryA
GetProcAddress
WinExec
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree

user32

wsprintfA

advapi32

RegOpenKeyA
RegDeleteValueA
RegCloseKey

Sections

pp1
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pp2
Size: 512B - Virtual size: 353B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pp3
Size: 512B - Virtual size: 87B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pp0
Size: 1024B - Virtual size: 687B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 511B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7b383ab90251e996f851ae6816a26bd2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

pp1 Size: 512B - Virtual size: 272B

pp2 Size: 512B - Virtual size: 353B

pp3 Size: 512B - Virtual size: 87B

pp0 Size: 1024B - Virtual size: 687B

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 328B

.text Size: 512B - Virtual size: 511B

pp1
Size: 512B - Virtual size: 272B

pp2
Size: 512B - Virtual size: 353B

pp3
Size: 512B - Virtual size: 87B

pp0
Size: 1024B - Virtual size: 687B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 328B

.text
Size: 512B - Virtual size: 511B