a9da2af3707e7c23989a77bf67411761_JaffaCakes118

General

Target

a9da2af3707e7c23989a77bf67411761_JaffaCakes118
Size

296KB
MD5

a9da2af3707e7c23989a77bf67411761
SHA1

c836c040be6eb0d87eea51b6f31d89ffda95095c
SHA256

49721ff740da0aaf775bedcfa4e831d93cee9dcbf37838c5aa32b280bdd88c79
SHA512

5cf6b25df65b9e54ae9afadc64b8206c8ddee6a177703f081a76d4c235a93c53f6279418a83728378e123e921d16ff4beef8f519fad62e57781b6ed3c1bf3ea6
SSDEEP

3072:1jTcuisZhBw+TMtonG5MYIymKoK9NBNCuPwNfvELHf7Ttb7Eqw7r6ro6BoZls8ki:VZQ+TMXrloa3vPOvELl3VwKo08Cd8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9da2af3707e7c23989a77bf67411761_JaffaCakes118

Files

a9da2af3707e7c23989a77bf67411761_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ee85c265fd4843f618df6b991f0b743

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
WriteFile
CreateFileA
lstrcatA
SetFileAttributesA
SetFilePointer
CloseHandle
WinExec
GetVolumeInformationA
GetWindowsDirectoryA
GetVersion
LocalAlloc
GetProcAddress
GetModuleHandleA
GetTempPathA
CopyFileA
GetModuleFileNameA
lstrcpyA
lstrlenA
GetFileAttributesA
GetLastError
DeleteFileA
VirtualFree
HeapCreate
CompareStringA
LCMapStringW
LCMapStringA
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
GetStringTypeW
Sleep
GetStringTypeA
VirtualAlloc
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
MultiByteToWideChar
GetFileType
FreeEnvironmentStringsA
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle

user32

MessageBoxA
CharLowerA
wsprintfA
PostMessageA
EnumWindows
GetWindowTextA

advapi32

RegDeleteValueA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
SetSecurityDescriptorDacl
RegSetValueExA
InitializeSecurityDescriptor

shell32

FindExecutableA

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5ee85c265fd4843f618df6b991f0b743

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 29KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 29KB