a99914800c46d297a7a7fbd04bb9dede_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a99914800c46d297a7a7fbd04bb9dede_JaffaCakes118
Size

9KB
MD5

a99914800c46d297a7a7fbd04bb9dede
SHA1

d0420b982bf23e47ca96b8b23c7f917c1f36b74d
SHA256

67b5163574d97e214f42129ffd092de5ac8f182f08b18de77c6db7cb6b14a53c
SHA512

95cb364df678b977e7b86ad37fbb7e66327f30b44ca52576a0ebd3e4b2b9b5e87a3466317e91751951da72a038e72c79ca306d85b9396e5c58c8436363e88699
SSDEEP

96:0PfxW/lxdBiixYZFSwvHCSz1j0N2wmCp3wY:04d5xkEwa2ts

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a99914800c46d297a7a7fbd04bb9dede_JaffaCakes118

Files

a99914800c46d297a7a7fbd04bb9dede_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93a0d8351c621a0a838d978fc9bf1a77

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA

kernel32

CopyFileA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetSystemDirectoryA
GetWindowsDirectoryA
HeapAlloc
HeapFree
SetErrorMode
SetFileAttributesA

user32

PeekMessageA

cc3260mt

@_InitTermAndUnexPtrs$qv
___CRTL_MEM_UseBorMM
___CRTL_TLS_Alloc
___CRTL_TLS_ExitThread
___CRTL_TLS_Free
___CRTL_TLS_GetValue
___CRTL_TLS_InitThread
___CRTL_TLS_SetValue
__argc
__argv
__argv_default_expand
__exitargv
__handle_exitargv
__handle_setargv
__handle_wexitargv
__handle_wsetargv
__matherr
__matherrl
__setargv
__startup
__wargv_default_expand
_access
_fclose
_findfirst
_findnext
_fopen
_fread
_fwrite
_memcpy
_strcat
_strcpy
_strlen
_strstr

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93a0d8351c621a0a838d978fc9bf1a77

Headers

File Characteristics

Imports

advapi32

kernel32

user32

cc3260mt

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 1KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 2KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 1KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB