8ba414919a0001cb5bce8d75f74c954d_JaffaCakes118

General

Target

8ba414919a0001cb5bce8d75f74c954d_JaffaCakes118
Size

40KB
MD5

8ba414919a0001cb5bce8d75f74c954d
SHA1

ff47e92fe5ec309a5fc39022cebacf416a2acf8a
SHA256

dfbfda90f673c92fda751948906604c115bf90f03980340b69f5c97190fb1e88
SHA512

8d983f5a139981c7cfbb8a34c83ddf03129d0ff7b8cd099175696d9ccf9d19b43c7f7cbcf8aade0ee4375fd87518160cb67e5e47a0cd5764dc2bef57dc586004
SSDEEP

384:VPlAAHz5pfk67ml9lPv5mKvBNyICKaPVPkxoNUssUOSfo:0A1pfev554jPqxomUOSo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ba414919a0001cb5bce8d75f74c954d_JaffaCakes118

Files

8ba414919a0001cb5bce8d75f74c954d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

331b921d08744b16d983f8e3969eb4bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
LoadResource
FindResourceA
GetModuleHandleA
GetSystemDirectoryA
GetWindowsDirectoryA
GetFileAttributesA
GetCurrentProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
WaitForSingleObject
CreateRemoteThread
SizeofResource
LoadLibraryA
GetVersion
OpenProcess
CopyFileA
GetModuleFileNameA
DeleteFileA
SetFileAttributesA
GetDriveTypeA
Sleep
CreateThread
MoveFileA
GetLastError
CreateMutexA
CreateFileA
WriteFile
GetProcAddress
CloseHandle
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapFree
ReadFile
TerminateProcess
SetFilePointer
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
HeapAlloc
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

331b921d08744b16d983f8e3969eb4bb

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 8KB - Virtual size: 6KB