a3b01775c63d8301b72a6235cdc757f5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a3b01775c63d8301b72a6235cdc757f5_JaffaCakes118
Size

324KB
MD5

a3b01775c63d8301b72a6235cdc757f5
SHA1

9ceb557ed66234fada7f13e0c46932eef7f01849
SHA256

f4c2a15225c40b11ace11aaefdffd5406eb2cfe3f9e49358f4684ba990447a1c
SHA512

29a305601d6a55c510237ee212f5cccaaadd991c259d4c6b6a33db4cb5c971f217f25b64c3e63d80f6a94d01cf774da24c85d17fa2a2a49b8f34d43dfba3e57a
SSDEEP

6144:0McBNw1Da9Wpl7XHsjfaxjp+yGBsJscy0LxTJghNAxicIiLb5:0XvsDIWL7XHszMdGt0N1gD6oiL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3b01775c63d8301b72a6235cdc757f5_JaffaCakes118

Files

a3b01775c63d8301b72a6235cdc757f5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3731fe9899a8886e1136f340cd3ea809

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextW

msvcrt

free
wcsncat
wcsncpy
_except_handler3
realloc
_initterm
wcscpy
__CxxFrameHandler
wcslen
_purecall
malloc
_adjust_fdiv

advapi32

RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegQueryInfoKeyW
RegEnumKeyExW
RegSetValueExW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree

oleaut32

VariantClear

ntdll

RtlAddAccessAllowedAce
RtlAdjustPrivilege
NtAllocateVirtualMemory

rpcrt4

RpcStringFreeW

kernel32

DeleteCriticalSection
GetLastError
lstrcpynW
EnterCriticalSection
FindResourceW
InitializeCriticalSection
DisableThreadLibraryCalls
FreeLibrary
GetStartupInfoA
HeapDestroy
lstrcpyW
LoadResource
LoadLibraryExW
lstrcmpiW
lstrcatW
lstrlenW
GetModuleFileNameW
lstrlenA
LeaveCriticalSection
MultiByteToWideChar
InterlockedIncrement
SizeofResource

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 298KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3731fe9899a8886e1136f340cd3ea809

Headers

DLL Characteristics

File Characteristics

Imports

user32

msvcrt

advapi32

ole32

oleaut32

ntdll

rpcrt4

kernel32

Sections

.text Size: 9KB - Virtual size: 8KB

.rsrc Size: 12KB - Virtual size: 11KB

.data Size: 3KB - Virtual size: 1.4MB

.rdata Size: 298KB - Virtual size: 298KB

.tls Size: 512B - Virtual size: 4KB

.text
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 12KB - Virtual size: 11KB

.data
Size: 3KB - Virtual size: 1.4MB

.rdata
Size: 298KB - Virtual size: 298KB

.tls
Size: 512B - Virtual size: 4KB