8ed5cc8582629f001239fbaa3dffb8f1_JaffaCakes118

General

Target

8ed5cc8582629f001239fbaa3dffb8f1_JaffaCakes118
Size

58KB
MD5

8ed5cc8582629f001239fbaa3dffb8f1
SHA1

fbc71a0ef59837f926bb99e4302ed82425e7582f
SHA256

bc1651445a6086de1f45ad05803fda935afc481513037adc7cc9279eafd7ad6f
SHA512

4ae36a721ee3ec458d0fad70516240d6bd90487b3b312f69179f1e9bf664077fe948f92b185b884284f695562c05e974d3f03b04ab7298afd05b753435fa7144
SSDEEP

1536:S/61X6lO1TOHCxvpsSGz+fXwTkFENxOm6sMz:SCZOHCpZGzOXlEa5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ed5cc8582629f001239fbaa3dffb8f1_JaffaCakes118

Files

8ed5cc8582629f001239fbaa3dffb8f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f97c4d2a8eec8064bea93da2f3321c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

lz32

LZCopy
LZOpenFileA
LZClose

kernel32

CreateFileA
WriteFile
lstrlenA
CompareStringA
SetFileTime
GetFileInformationByHandle
GetVersionExA
DeleteFileA
FlushFileBuffers
LockResource
SizeofResource
LoadResource
FindResourceExA
CreateDirectoryA
GetLastError
GetCurrentProcess
GetTickCount
GetFileAttributesA
MultiByteToWideChar
GetTempFileNameA
GetTempPathA
GetSystemDirectoryA
ExitProcess
WaitForSingleObject
GetFileSize
GetStartupInfoA
OutputDebugStringA
OpenProcess
GetCurrentProcessId
CopyFileA
GetModuleFileNameA
GetCommandLineA
HeapFree
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
VirtualFree
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
GetModuleHandleA
TerminateProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
ReadFile
CloseHandle
GetLocalTime
SystemTimeToFileTime
GlobalAlloc
GlobalFree
CreateProcessA

user32

wsprintfA

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegSaveKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegRestoreKeyA
RegCreateKeyA
RegOpenKeyExA

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f97c4d2a8eec8064bea93da2f3321c4

Headers

File Characteristics

Imports

lz32

kernel32

user32

advapi32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 624B

.rsrc Size: 39KB - Virtual size: 38KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 624B

.rsrc
Size: 39KB - Virtual size: 38KB