b203c98419bd934b9b1b698ce4b87984_JaffaCakes118

General

Target

b203c98419bd934b9b1b698ce4b87984_JaffaCakes118
Size

571KB
MD5

b203c98419bd934b9b1b698ce4b87984
SHA1

c5f071627fa32b9b38ed709951306a2cb598a8a7
SHA256

c2e88872ec058309842dd7e582867778cda8365eb5a2fca4ddf5a1a95f465daf
SHA512

e5048ee97c7017904f5d2a6380a756a7c1132c037cb737c9969bc3ea99f3f174e831b8863311ba464bc8d1ccbfb30e3bd9ea42f63a0ba10d3fa990c8fd5ef0a4
SSDEEP

12288:jmbquoXUrYpV/Luk7zkk2IDFG4ACLZL9Fh6LtNkjOwbu:jmbtUUrYK1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b203c98419bd934b9b1b698ce4b87984_JaffaCakes118

Files

b203c98419bd934b9b1b698ce4b87984_JaffaCakes118
.exe windows:4 windows x86 arch:x86

277846dcea892a063bfcca3013fe5328

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
GetSystemDirectoryA
GetTimeZoneInformation
lstrcmpiA
WriteFile
GetLocaleInfoA
GetCommandLineA
FreeEnvironmentStringsA
HeapDestroy
GetFileType
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
HeapFree
GetLastError
ReadFile
TerminateProcess
GetCurrentProcess
SetFilePointer
UnhandledExceptionFilter
GetModuleFileNameA
CreateDirectoryA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
CompareStringW
SetEnvironmentVariableA
HeapCreate
VirtualFree
RtlUnwind
HeapAlloc
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
GetStringTypeA
GetStringTypeW
SetEndOfFile
LCMapStringA
LCMapStringW
CompareStringA

advapi32

RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

277846dcea892a063bfcca3013fe5328

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 8KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 8KB