87598755ef00654231a53b65f21b89d5_JaffaCakes118

General

Target

87598755ef00654231a53b65f21b89d5_JaffaCakes118
Size

132KB
MD5

87598755ef00654231a53b65f21b89d5
SHA1

8c2ad750083839d207e2c9500a362630f071059b
SHA256

0d5c4015d8067b37126885bc2dab70dd43f7c38b81e1a948bb669e54b50a1b6f
SHA512

8433167869ce5fb6d1c8f8725f3e6b9a050a5529d7a8993d5edcab861af6949e11eee635c30b65d98c1a23c8d2db9e0d3dbdb0a320e4fcf8f533e60a708559d8
SSDEEP

1536:2BK1exafEo7nGDHiLp2CEUMgpkOaajaPHqgdy3aDQO7:0ofEozcHS2rUPkOaaGfXy3xO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87598755ef00654231a53b65f21b89d5_JaffaCakes118

Files

87598755ef00654231a53b65f21b89d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

af4face3c96a4bc103e9db7497a7fab2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
GetWindowsDirectoryA
SetCurrentDirectoryA
GetPrivateProfileStringA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
FreeLibrary
FindFirstFileA
FindClose
GetEnvironmentVariableA
LCMapStringA
LCMapStringW
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
GetLastError
GetFileAttributesA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCPInfo
GetACP
GetOEMCP
CreateProcessA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
WideCharToMultiByte
MultiByteToWideChar
GetEnvironmentStringsW
GetEnvironmentStrings
GetStringTypeA
GetStringTypeW
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FlushFileBuffers
CloseHandle
SetHandleCount
GetStdHandle
GetFileType
WriteFile
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetFilePointer
SetStdHandle

advapi32

RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegCloseKey

shell32

FindExecutableA

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.trdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

af4face3c96a4bc103e9db7497a7fab2

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 1KB

.trdata Size: 76KB - Virtual size: 76KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 1KB

.trdata
Size: 76KB - Virtual size: 76KB