8c22a0d77a6f38723cf20d0852fc43ea_JaffaCakes118

General

Target

8c22a0d77a6f38723cf20d0852fc43ea_JaffaCakes118
Size

220KB
MD5

8c22a0d77a6f38723cf20d0852fc43ea
SHA1

c845f9facda13f067e456cf7beb40ff199d61e06
SHA256

402e584fe9ff891006af7f66a911232fd72e34f0cb1b51a34a747c3b97fdac23
SHA512

9881c4ec8ba4d6cd856cb34b1f8cb40d918219f50e501b7397b3c4cf9162a1c1e6ecb03354b9e76c23181819a754319fdba0dde1d106546b9de587590a541a77
SSDEEP

3072:43imxUBDeKTpB3DeyXwrqz6NMVVio1z8mDZqAh6R/2gcFKC9k2lmH3eXYkXip9rx:+im+DdpVzm1cNDUAEdJC9kpH08brY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c22a0d77a6f38723cf20d0852fc43ea_JaffaCakes118

Files

8c22a0d77a6f38723cf20d0852fc43ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15e0e2b0d0dfef2f1ec641d7d3f485c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
CopyFileA
GetShortPathNameA
GetEnvironmentVariableA
WaitForMultipleObjects
InterlockedCompareExchange
InterlockedIncrement
RemoveDirectoryA
TlsSetValue
TlsAlloc
SetTapePosition
VirtualProtect
GetModuleFileNameA
LocalAlloc
GetProcAddress
FreeLibrary
InterlockedExchange
GetLastError
LoadLibraryA
RaiseException
ExitProcess
GetModuleHandleA
TerminateProcess
GetCurrentProcess
HeapAlloc
HeapFree
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapSize
GetACP
GetOEMCP
GetCPInfo
RtlUnwind
VirtualQuery
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetSystemInfo

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 566KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15e0e2b0d0dfef2f1ec641d7d3f485c9

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 108KB - Virtual size: 104KB

.data Size: 52KB - Virtual size: 566KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 108KB - Virtual size: 104KB

.data
Size: 52KB - Virtual size: 566KB

.rsrc
Size: 4KB - Virtual size: 1KB