b77f645e633d1b50bfff91dc15d0da08_JaffaCakes118

General

Target

b77f645e633d1b50bfff91dc15d0da08_JaffaCakes118
Size

96KB
MD5

b77f645e633d1b50bfff91dc15d0da08
SHA1

1a6eeffe706c79e277051c627d248122313f4d00
SHA256

a46e45d46746da35d813a4456ffc142e5d1d4ddc54093830db07e8e202a85b6a
SHA512

b022291ba437ed4a95797977bc42316e9cf2c22865141af16b68e7803cf037276d8b0a4b581dbdbfb4442582c7276573a8e9288b3c19e86fb3e3115c912c0f65
SSDEEP

768:QsmRngyD4/uem3UXgnbaQjqHhuVV4VoHZ7OFPoRdQzTGfqwT1nh+XzSmO3MH7V2Q:nmhmQjqHQX4V/ofQhq+DSmO3qJDkg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b77f645e633d1b50bfff91dc15d0da08_JaffaCakes118

Files

b77f645e633d1b50bfff91dc15d0da08_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5801287d0e2d1d5097ff2e759f03072e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
FindClose
FindFirstFileA
ResumeThread
CreateProcessA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
GetDiskFreeSpaceExA
GetDriveTypeA
SetErrorMode
CloseHandle
WaitForSingleObject
GetVersion
GetWindowsDirectoryA
DeleteFileA
SetFileAttributesA
lstrcpynA
GetLastError
CreateEventA
FindNextFileA
ReadFile
WriteFile
GetFileSize
CreateFileA
SetFilePointer
OutputDebugStringA
GetTempPathA
WinExec
MoveFileA
SizeofResource
LockResource
LoadResource
FindResourceA
GetModuleHandleA
FlushFileBuffers
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetStdHandle
RtlUnwind
GetFileAttributesA
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA

user32

wsprintfA

shell32

ShellExecuteA
SHFileOperationA

shlwapi

PathRemoveFileSpecA

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5801287d0e2d1d5097ff2e759f03072e

Headers

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 18KB

.rsrc Size: 36KB - Virtual size: 34KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 18KB

.rsrc
Size: 36KB - Virtual size: 34KB