bc7cbf40f5d278c01ddbbeb0cb737e39_JaffaCakes118

General

Target

bc7cbf40f5d278c01ddbbeb0cb737e39_JaffaCakes118
Size

36KB
MD5

bc7cbf40f5d278c01ddbbeb0cb737e39
SHA1

bb31f89051adb4832d57b107c5e8b9800bb9bf29
SHA256

318cd84c79db30043b5f3a4bccd848d6e3f5a0a207643a64c4da6b5ff2b8f5f8
SHA512

784b95ec22194f3e6bfe42fdc8e179a6005da07aad15ce51b92fe0bc8c3526f5fbc5ffa97549e6efa3acbc684966ef304b4d4b6462494a20178290f5d7c00473
SSDEEP

384:E9ednMsNlPT7FGLU7pfxOgmlLk7XhyApOlUTEIlNU4klkQjJt:YgMsNlPT70CfxO+Rlp+Il++QVt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc7cbf40f5d278c01ddbbeb0cb737e39_JaffaCakes118

Files

bc7cbf40f5d278c01ddbbeb0cb737e39_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3dbb518f0ee0c8b1bb43a9b861f7f0a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
LoadLibraryA
VirtualAlloc
lstrcpynA
GetModuleHandleA
GetOEMCP
ExpandEnvironmentStringsA
QueryPerformanceCounter
GetCommandLineA
GetThreadLocale
EnumTimeFormatsA
GetStringTypeA
LCMapStringW
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
HeapAlloc
HeapReAlloc
GetProcAddress
MultiByteToWideChar
LCMapStringA
GetStringTypeW

shlwapi

StrNCatA

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3dbb518f0ee0c8b1bb43a9b861f7f0a9

Headers

File Characteristics

Imports

kernel32

shlwapi

Sections

.text Size: 16KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 76KB

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 76KB