8a53566e5c71cab288b77f82b246be7c_JaffaCakes118

General

Target

8a53566e5c71cab288b77f82b246be7c_JaffaCakes118
Size

46KB
MD5

8a53566e5c71cab288b77f82b246be7c
SHA1

bea37569b662a26229458bebcc4e3e24935f2711
SHA256

569bc58205b70c39900fa286c1c6893a676aad87ca233af7f380b3226523ebfb
SHA512

a4618969b3c52d665ac9c20317dbcf0175098f0238d6eb4ddca52e042bb25fce3ec6eda595e12870917536b69ce2a11efbbb3e09d3865ca74fa5394298515a2d
SSDEEP

768:uGm5iw059sS/zNOnUwF8h9BjvkVrNRcxPolFM+b8iuprvB719NL:uHm/z3bDB7UDcxPoly+bPmPNL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a53566e5c71cab288b77f82b246be7c_JaffaCakes118

Files

8a53566e5c71cab288b77f82b246be7c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f5957053c5a62fdcf14ad8b5bd5e010c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetTempPathA
GetSystemDirectoryA
GetModuleFileNameA
SetFilePointer
GetFileTime
GetEnvironmentVariableA
Process32Next
lstrcmpiA
lstrlenA
Process32First
CreateToolhelp32Snapshot
GetVersionExA
VirtualFreeEx
WaitForSingleObject
CreateRemoteThread
GetModuleHandleA
FreeLibrary
GetProcAddress
LoadLibraryA
VirtualAllocEx
lstrlenW
OpenProcess
MultiByteToWideChar
Sleep
lstrcpyA
CreateFileA
WriteFile
CloseHandle
SetFileTime
GetCurrentProcess
GetStartupInfoA

user32

wsprintfA

advapi32

RegCreateKeyExA
AdjustTokenPrivileges
RegSetValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA

ole32

CoCreateGuid

shell32

ShellExecuteA

msvcrt

_controlfp
__set_app_type
??3@YAXPAX@Z
??2@YAPAXI@Z
sprintf
strstr
fclose
fread
fseek
fopen
free
malloc
__CxxFrameHandler
_except_handler3
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f5957053c5a62fdcf14ad8b5bd5e010c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shell32

msvcrt

Sections

.text Size: 12KB - Virtual size: 10KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.text
Size: 12KB - Virtual size: 10KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB