a663990b8a1b8dfec236d83d6d5517d2_JaffaCakes118

General

Target

a663990b8a1b8dfec236d83d6d5517d2_JaffaCakes118
Size

40KB
MD5

a663990b8a1b8dfec236d83d6d5517d2
SHA1

d082227a2d68ae9b6804f2fbbd2b974392cab1cf
SHA256

ff687236cd1883529e8fe23fffd98757229a7210621103d4035799d5feca6f6f
SHA512

958ecb038dfb2aa1fc9cf537c9f4e7ce5aa3f9f7d6ed36fa6d60fe6dc7edeb2746c6a0ffe1898af19d50c242a73d16eac7b27dd6ceaa5f993bfdc65b3b1132fc
SSDEEP

384:VPlAAHz5pfk67ml9lPv5mKvBNyICKaPVPkxoNUssUOSfo:0A1pfev554jPqxomUOSo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a663990b8a1b8dfec236d83d6d5517d2_JaffaCakes118

Files

a663990b8a1b8dfec236d83d6d5517d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

331b921d08744b16d983f8e3969eb4bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
LoadResource
FindResourceA
GetModuleHandleA
GetSystemDirectoryA
GetWindowsDirectoryA
GetFileAttributesA
GetCurrentProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
WaitForSingleObject
CreateRemoteThread
SizeofResource
LoadLibraryA
GetVersion
OpenProcess
CopyFileA
GetModuleFileNameA
DeleteFileA
SetFileAttributesA
GetDriveTypeA
Sleep
CreateThread
MoveFileA
GetLastError
CreateMutexA
CreateFileA
WriteFile
GetProcAddress
CloseHandle
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapFree
ReadFile
TerminateProcess
SetFilePointer
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
HeapAlloc
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

331b921d08744b16d983f8e3969eb4bb

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 8KB - Virtual size: 6KB