c00fd75501194b059c95aebbfcc3cfb8_JaffaCakes118

General

Target

c00fd75501194b059c95aebbfcc3cfb8_JaffaCakes118
Size

48KB
MD5

c00fd75501194b059c95aebbfcc3cfb8
SHA1

bbdcdf7ee13e277844b1956c35860597860460f3
SHA256

69bb8c8113481b69dab85efd79031bd9d17bf347e459f6953f862d9e618fe316
SHA512

2b54f9ca37dc29aa9d29216579e2ac6dc5266a7eaf58b6982f4cd56ae67492cdf45dc24a6a2097b689dce10fa816ef3262c968b5f97e3f7518d1f0370a5d55fb
SSDEEP

768:KxK9eJHnBLrD57FF5GXFB9rBzBNypBZ1UNJmoSJRk81uAs6d0raLbsBmeWd:69FDmqpBZeNIoSJRNs6d7sBme

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c00fd75501194b059c95aebbfcc3cfb8_JaffaCakes118

Files

c00fd75501194b059c95aebbfcc3cfb8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

352cf9303d9c8a2b0c52d9721846dafa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
GetModuleFileNameA
FindClose
FindNextFileA
FindFirstFileA
CreateProcessA
WriteFile
Sleep
GetProcAddress
LoadLibraryA
lstrcpyA
CreateDirectoryA
GetLastError
CreateMutexA
WaitForMultipleObjects
CreateThread
lstrcatA
GetLocaleInfoA
GetACP
ReadFile
SetFilePointer
GetFileSize
WaitForSingleObject
GetDriveTypeA
TerminateThread
SetFileAttributesA
SetFileTime
GetSystemDirectoryA
GetFileTime
GetVersionExA
SetStdHandle
GetStringTypeW
HeapFree
HeapAlloc
DeleteFileA
GetCommandLineA
GetVersion
ExitProcess
GetCPInfo
GetOEMCP
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
RtlUnwind
GetStringTypeA
FlushFileBuffers

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

352cf9303d9c8a2b0c52d9721846dafa

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 9KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 9KB