889dcfb95e9eb0de560fdebb1ca8e134_JaffaCakes118

General

Target

889dcfb95e9eb0de560fdebb1ca8e134_JaffaCakes118
Size

31KB
MD5

889dcfb95e9eb0de560fdebb1ca8e134
SHA1

fedd71e7dfb8e621fbcf21076b960124e1e3cfc8
SHA256

2f0ccba89b239c41fbf696ac20eb19b457f34b146b64ff23fe7e0ef9dca6b653
SHA512

9efd6dea02be28e09cebe2ad35e7850f5f09efc2747fef0cbaf1afb23150e903526e26abcb40fa8bd3520c1a76a52d8cae8d35031f2a29fd51705830cd0750e8
SSDEEP

768:HrH0Fg6dCRobVLtmKubsDxKNTy4SmXUKBs2EQVe6:HrHQURobXmKTmk6E0e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
889dcfb95e9eb0de560fdebb1ca8e134_JaffaCakes118

Files

889dcfb95e9eb0de560fdebb1ca8e134_JaffaCakes118
.exe windows:4 windows x86 arch:x86

04bb29b9f4a5fdd6577cf35c974cda02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
Module32Next
DeleteFileA
Sleep
TerminateProcess
SetFileAttributesA
Module32First
CreateToolhelp32Snapshot
ExitThread
Process32Next
Process32First
GetModuleFileNameA
GetTempPathA
GetLastError
CreateThread
ExitProcess
lstrcmpiA
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForSingleObject
CreateProcessA
WriteFile
CreateFileA
ReadProcessMemory
GetVersionExA
LoadLibraryA
GlobalUnlock
GlobalLock
GlobalAlloc
GetWindowsDirectoryA
TerminateThread
CopyFileA
GetFileAttributesA
ReleaseMutex
ReadFile
SetFilePointer
lstrlenA
GetFileSize
GetSystemTime
ExpandEnvironmentStringsA
GetCurrentProcess
CreateMutexA
CloseHandle
GetModuleHandleA
LocalFree
GetStartupInfoA
GetLocaleInfoA
GetProcAddress

user32

SetClipboardData
BlockInput
SetForegroundWindow
SetFocus
ShowWindow
VkKeyScanA
OpenClipboard
EmptyClipboard
CloseClipboard
keybd_event

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VariantClear
SysAllocString
VariantInit

msvcrt

_except_handler3
_controlfp
_CxxThrowException
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
strstr
sprintf
rand
strncpy
atoi
srand
free
malloc
_vsnprintf
??2@YAPAXI@Z
strchr
_snprintf
strtok
__dllonexit
_onexit
_exit
_XcptFilter

Sections

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04bb29b9f4a5fdd6577cf35c974cda02

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

msvcrt

Sections

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 26KB - Virtual size: 296KB

.rsrc Size: 512B - Virtual size: 16B

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 26KB - Virtual size: 296KB

.rsrc
Size: 512B - Virtual size: 16B