8674e3c77e8051cfdf1c4d321a7188bf_JaffaCakes118

General

Target

8674e3c77e8051cfdf1c4d321a7188bf_JaffaCakes118
Size

116KB
MD5

8674e3c77e8051cfdf1c4d321a7188bf
SHA1

fff81ee37e5f7f7d1721cca5a45661c695f0fece
SHA256

3cdc149e387ec4a64cce1191fc30b8588df4a2947d54127eae43955ce3d08a01
SHA512

2b224a42eb162961d342cbb398f01f6fafa405a622cacbb36d0ce80a0855e0f244dc95546726ef84d3a46f0490ed380adc43ae10a3e1e42231c5965398fa341c
SSDEEP

1536:ATvu0caY5rmUTfe/0h5Bc1NC8APoqE8QmRD02gfHH4iKEFXvxKqHs:AQltmUTW/0h5Bc1NC8AlNRD8H/Xey

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8674e3c77e8051cfdf1c4d321a7188bf_JaffaCakes118

Files

8674e3c77e8051cfdf1c4d321a7188bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

575318fb1fe62fd21fd7abf74fd0b92c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
CreateProcessA
ExpandEnvironmentStringsA
MoveFileExA
MoveFileA
DeleteFileA
GetTempFileNameA
GetTempPathA
GetEnvironmentVariableA
GetModuleFileNameA
WaitForMultipleObjects
CreateEventA
GetCurrentThreadId
SetEvent
GetLastError
FileTimeToSystemTime
ReadFile
SetFilePointer
GetFileSize
GetFileInformationByHandle
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
SystemTimeToFileTime
GetLocalTime
GetTickCount
GetModuleHandleA
CreateFileA
WriteFile
CloseHandle
WaitForSingleObject
GetStartupInfoA

user32

GetDesktopWindow
GetInputState
PostThreadMessageA
GetMessageA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA

msvcrt

_controlfp
_except_handler3
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
strstr
strrchr
_access
_vsnprintf
_beginthread
sprintf
strncpy
_mbsicmp
rand
srand
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type

shlwapi

StrRChrIA

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

575318fb1fe62fd21fd7abf74fd0b92c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcrt

shlwapi

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 56KB - Virtual size: 53KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 56KB - Virtual size: 53KB

.rsrc
Size: 28KB - Virtual size: 25KB