acff9ac4c4db6640c0694109ec5c1580_JaffaCakes118

General

Target

acff9ac4c4db6640c0694109ec5c1580_JaffaCakes118
Size

32KB
MD5

acff9ac4c4db6640c0694109ec5c1580
SHA1

af1c18c7f77991deb93fe82ed63ab2af8acc3b61
SHA256

e363d82bbd607e50502cb37d8a2e029c4c7500300ff8807f048c061203c9b103
SHA512

7661e4f034ff183ef538f135a80263ae913261cdfc067c70a7f417ef1dd42915fb0e4cf29a65769738388411e5327177a35a0f62d3d0f878383bc28dbf29d96c
SSDEEP

768:s9BZg+QkCNrZE+m2XXEh+eYzNPpdpbozPSMUO5ai:s9BZg+GX0AzNPXOzPx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acff9ac4c4db6640c0694109ec5c1580_JaffaCakes118

Files

acff9ac4c4db6640c0694109ec5c1580_JaffaCakes118
.exe windows:4 windows x86 arch:x86

04345d8493e62c6aca2876052b33762b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord1085
ord665
ord356
ord354
ord860
ord2770
ord2781
ord4058
ord3181
ord1980
ord668
ord535
ord1158
ord536
ord941
ord939
ord6569
ord800
ord6282
ord922
ord926
ord2818
ord924
ord5601
ord542
ord802
ord858
ord540
ord537

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_itoa
_XcptFilter
_exit
fseek
ftell
fclose
fgetc
rand
fputc
_ftol
atoi
srand
sprintf
remove
__CxxFrameHandler
exit
fopen
_acmdln

kernel32

SetCurrentDirectoryA
GetLocalTime
GetSystemInfo
IsProcessorFeaturePresent
GlobalMemoryStatus
GetLogicalDriveStringsA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
GetVersionExA
GetVersion
GetSystemDirectoryA
GetWindowsDirectoryA
GetComputerNameA
ReleaseMutex
GetLastError
CreateMutexA
MultiByteToWideChar
GetModuleHandleA
GetStartupInfoA
GetPrivateProfileStringA

advapi32

RegQueryInfoKeyA
RegEnumKeyExA
GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumValueA

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CoCreateInstance

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

04345d8493e62c6aca2876052b33762b

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

advapi32

shell32

ole32

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 2KB