a43792272c81e8aade675a83e8840f21_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a43792272c81e8aade675a83e8840f21_JaffaCakes118
Size

92KB
MD5

a43792272c81e8aade675a83e8840f21
SHA1

7a998c0718a9809e34816f44f28673c3a75e61f4
SHA256

4282c43979e78fd28ad82e01b95800236b69c1b55f4da71887e60372877f823a
SHA512

6e5febee0f5e4bdf291bdc1c6e6ac9f83030281e98b63fd481a95990a49b13c486e92cbad0b96e0a05b4c428c8628a2d8b37734b8c30c37169a32337d2d76200
SSDEEP

1536:JoNali00piANp10U8G0GJpdZAO3Anj5VsOyJJqnNlL8qohL:2aliXiATx30j5mTJJSNlL8qod

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a43792272c81e8aade675a83e8840f21_JaffaCakes118

Files

a43792272c81e8aade675a83e8840f21_JaffaCakes118
.exe windows:4 windows x86 arch:x86

90dc3e20c5fe7c8c091cbbbc79de4c34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
GetACP
GetLocaleInfoA
GetVersionExA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GetProcAddress
LoadLibraryA
lstrcpynA
GetLastError
GetModuleFileNameA
lstrcpyA
CreateDirectoryA
GetTempFileNameA
GetTempPathA
SizeofResource
LockResource
LoadResource
FindResourceA
lstrlenA
SetFilePointer
CreateFileA
CloseHandle
WriteFile
MultiByteToWideChar
InterlockedDecrement
SetHandleCount
GetEnvironmentStringsW
LocalFree
GetSystemInfo
VirtualProtect
GetCPInfo
GetOEMCP
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
LCMapStringW
ExitProcess
RtlUnwind
HeapFree
GetSystemTimeAsFileTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
VirtualQuery
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
HeapSize
LCMapStringA
WideCharToMultiByte
GetFileType

shlwapi

StrStrA
PathAppendA

rpcrt4

UuidCreate

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize
CoSetProxyBlanket
CoInitializeSecurity

oleaut32

VariantClear
VariantChangeType
VariantInit
SysFreeString
SysAllocString

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90dc3e20c5fe7c8c091cbbbc79de4c34

Headers

File Characteristics

Imports

kernel32

shlwapi

rpcrt4

ole32

oleaut32

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 279KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 279KB

.rsrc
Size: 12KB - Virtual size: 9KB