b074a101b98aacdc88112bbd3efe3532_JaffaCakes118

General

Target

b074a101b98aacdc88112bbd3efe3532_JaffaCakes118
Size

108KB
MD5

b074a101b98aacdc88112bbd3efe3532
SHA1

8b0bdc3ea37fa013094b2167712f9359773ea016
SHA256

43e6f97eecc1a6e6cd1e4a0dee2bf63d2ae0e13de2c5a982a71b2d418eb5a9e9
SHA512

4ebd9f6f86c98872d3879945e099ecca02c440b080e1623b2b6f3fd08ffdead6b7dd255fe2d955dc17ee900f87bdc533ea9b1d7d27e3296903850599d4bc9981
SSDEEP

1536:LV2xeKwe1/Lg1sPC2tqNHIsYtAmRCvjAgQZ5B:YxtweG2tqNHIs0XgQZX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b074a101b98aacdc88112bbd3efe3532_JaffaCakes118

Files

b074a101b98aacdc88112bbd3efe3532_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b69dd70d6ab590a68f50f21c26c60f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertGetNameStringA
CertSerializeCertificateStoreElement
CryptAcquireCertificatePrivateKey
CertOpenSystemStoreA
CertEnumCertificatesInStore
CertCloseStore

advapi32

CryptExportKey
CryptDestroyKey
CryptReleaseContext
CryptGetUserKey

kernel32

HeapAlloc
GetProcessHeap
HeapFree
ExitProcess
DeleteFileA
FreeLibrary
GetProcAddress
CloseHandle
lstrcpyA
GetTempPathA
LoadLibraryA
WriteFile
GetLastError
CreateFileA
SetUnhandledExceptionFilter
SetErrorMode
GetCommandLineA
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleA
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
GetCPInfo
GetACP
GetOEMCP
RtlUnwind
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
HeapSize
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7b69dd70d6ab590a68f50f21c26c60f9

Headers

File Characteristics

Imports

crypt32

advapi32

kernel32

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 60KB - Virtual size: 63KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 60KB - Virtual size: 63KB