ab68662b2ad1002d1d7942f376e1d00d_JaffaCakes118

General

Target

ab68662b2ad1002d1d7942f376e1d00d_JaffaCakes118
Size

240KB
MD5

ab68662b2ad1002d1d7942f376e1d00d
SHA1

00a309dc04ec808161f62b7a71130bcac16049f9
SHA256

4323506e23c9301f8f0df5ec8d0048061f7b980144072135a2f48980f27d2e95
SHA512

8942137ed7e077b8d5f674efc0df850d625fd5f42826eddfd1d2b1e9209573179c49d6eb8b62ea3cdf34f78eae7dcf487f4c8f46841fd5e1be315c456f33c9e7
SSDEEP

6144:OveNULnQOyqZ9Gd64VyyTBFoDp6nPecQXl:O2NUT7yCAdXhBuDUmf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab68662b2ad1002d1d7942f376e1d00d_JaffaCakes118

Files

ab68662b2ad1002d1d7942f376e1d00d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ed375cc36e62b569909c6ed4756340b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrW
StrChrW

kernel32

GetModuleHandleA
GetStartupInfoA
FormatMessageW
LocalAlloc
Sleep
GetCommandLineW
SetErrorMode
FreeLibrary
GetLastError
GetProcAddress
LoadLibraryW
lstrlenW
lstrcmpW
lstrcpynW
CreateFileW
ReadFile
WriteFile
CloseHandle
GetFileSize
SetFileAttributesW
MoveFileExW
DeleteFileW
lstrlenA
GetLocalTime
lstrcpyW
GetSystemDirectoryW
WideCharToMultiByte
MultiByteToWideChar
LocalFree

user32

wsprintfW

advapi32

RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegCreateKeyExW

shell32

CommandLineToArgvW

ole32

CoInitialize

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

msvcrt

__dllonexit
_XcptFilter
_exit
??1type_info@@UAE@XZ
free
__setusermatherr
_initterm
__getmainargs
_acmdln
_CxxThrowException
strlen
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
exit
_onexit
memset
_controlfp
memcpy
__CxxFrameHandler
??2@YAPAXI@Z

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 202KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ed375cc36e62b569909c6ed4756340b

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

shell32

ole32

msvcp60

msvcrt

Sections

.text Size: 34KB - Virtual size: 34KB

.rdata Size: 202KB - Virtual size: 202KB

.data Size: 1024B - Virtual size: 852B

.rsrc Size: 1024B - Virtual size: 928B

.text
Size: 34KB - Virtual size: 34KB

.rdata
Size: 202KB - Virtual size: 202KB

.data
Size: 1024B - Virtual size: 852B

.rsrc
Size: 1024B - Virtual size: 928B