b7a351ff0e7ad80c0f11157115a8eb72_JaffaCakes118

General

Target

b7a351ff0e7ad80c0f11157115a8eb72_JaffaCakes118
Size

125KB
MD5

b7a351ff0e7ad80c0f11157115a8eb72
SHA1

d705e0413e3caadfebbaeb5c2463c9c71e76c358
SHA256

d9450353b4e4a3c8dc63461b96de3afac51edcaebdf0f8e16afc84858dcf1829
SHA512

84833828a57f106cbbc0454c1a6b2ff33acb79c2cd3773bec248443368aeae2fdb37e24ac17d489ecdaeb4853506e81f441cceeac587247c7c3aa5e4281dcfc0
SSDEEP

1536:LtqQPUNW5BSmOlP1i/pefM8lkfSgmOB9U1pIWC4wH89QvtNZNMI7MY6iwmTpSQVr:tsjti/pefMCkfsnI9BqQHGYh7wQrnV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7a351ff0e7ad80c0f11157115a8eb72_JaffaCakes118

Files

b7a351ff0e7ad80c0f11157115a8eb72_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c593cba6205b22b866c9b175fed50f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pncrt

__p__fmode
__setusermatherr
_adjust_fdiv
_except_handler3
__set_app_type
__p__commode
_initterm
__getmainargs
??3@YAXPAX@Z
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_stricmp
getenv
strstr
printf
strrchr
strchr
_controlfp
_telli64
_unlink
_write
_putenv
_tell
_lseek
_lseeki64
_chsize
_fstat
_errno
_purecall
sprintf
memmove
_ismbcspace
malloc
_read
realloc
free
??2@YAPAXI@Z
_close
_creat
_open
_sopen

kernel32

CreateFileMappingA
GetProcAddress
GetStartupInfoA
DeleteFileA
GetModuleHandleA
GetVersion
GetVersionExA
FreeLibrary
SetErrorMode
LoadLibraryA
GetTempPathA
GetTempFileNameA
CloseHandle
CreateFileA
GetFileSize
GetLastError
UnmapViewOfFile
MapViewOfFile
InterlockedDecrement
InterlockedIncrement
GetSystemInfo

user32

CharNextA
GetSystemMetrics
CharLowerA

advapi32

RegOpenKeyExA
RegSetValueExA
RegEnumKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyA
RegSetValueA
RegOpenKeyA
RegQueryValueA

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7c593cba6205b22b866c9b175fed50f5

Headers

File Characteristics

Imports

pncrt

kernel32

user32

advapi32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 72KB - Virtual size: 72KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 72KB - Virtual size: 72KB