941cfec0ae796704893680e330bb4ca3_JaffaCakes118

General

Target

941cfec0ae796704893680e330bb4ca3_JaffaCakes118
Size

96KB
MD5

941cfec0ae796704893680e330bb4ca3
SHA1

84af69d324c1e68898ea13f9645e8cde2118104a
SHA256

ca198ec91bf986fd5dac500465500c2f112b7a2298dd273f74e7381f9d7a3008
SHA512

0548175f2048771863091b2469f627d4a6ab99014c16c521aa4e472c3dc5f76209da6b6baca4fb35bf33ab8d43d70342f4a0d0bbd66c8400f65fa30b980e436c
SSDEEP

1536:uX4Zk9J10zriGzlons4dDr8Vxf37nqinvbue1xliKkhcskKkVrwXkIK8hsDL:uX4Zs10zfxon7dPYzn1nzue1xgKkc2l4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
941cfec0ae796704893680e330bb4ca3_JaffaCakes118

Files

941cfec0ae796704893680e330bb4ca3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

50dd928442ee7983310206fe428888c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

EnumProcesses
EnumProcessModules
GetModuleBaseNameA

kernel32

SystemTimeToFileTime
GetVersion
GetSystemInfo
Sleep
GetProcessTimes
OpenProcess
GetSystemTimeAsFileTime
CreateFileA
CloseHandle
UnhandledExceptionFilter
GetTimeZoneInformation
HeapFree
RtlUnwind
RaiseException
GetModuleHandleA
GetCommandLineA
GetVersionExA
HeapAlloc
WideCharToMultiByte
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetLastError
WriteFile
FlushFileBuffers
GetProcAddress
TerminateProcess
GetCurrentProcess
SetFilePointer
GetStdHandle
GetModuleFileNameA
SetEndOfFile
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
IsBadReadPtr
IsBadCodePtr
SetStdHandle
ReadFile
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetACP
GetOEMCP
GetCPInfo
LoadLibraryA
InterlockedExchange
VirtualQuery
HeapSize
GetLocaleInfoA
VirtualProtect
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 625KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

50dd928442ee7983310206fe428888c0

Headers

File Characteristics

Imports

psapi

kernel32

advapi32

Sections

.text Size: 72KB - Virtual size: 69KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 625KB

.text
Size: 72KB - Virtual size: 69KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 625KB