c10add626206572fe2c123b17bd6d0b9_JaffaCakes118

General

Target

c10add626206572fe2c123b17bd6d0b9_JaffaCakes118
Size

241KB
MD5

c10add626206572fe2c123b17bd6d0b9
SHA1

e3c2485262da783c35e80fc6c09df35fb4217721
SHA256

cde0d908a10c0461f92cfd914a14a46d7983aff56f6875fa278c4cac39780d89
SHA512

5c8ab50a00ada579b1b7f98bbfbc4387fd7038d486ea80b8b9fedeabcf3a047f207b219b627de1bce5e7db8538782172b8e5ee2879fac29eef898ef3631494da
SSDEEP

3072:ulGb5OOJYGX5WdfiW0zTjza6gcEBRtu7lJEw7iVHwUnGWl6di2fGcffHJ6aJRLg4:ulQYM2uSxdGJB7iVH5nd3cpjnLsJ6pN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c10add626206572fe2c123b17bd6d0b9_JaffaCakes118

Files

c10add626206572fe2c123b17bd6d0b9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44ec7e47402caa9c3483f6fc36c6b077

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrW
StrChrW

kernel32

GetModuleHandleA
GetStartupInfoA
FormatMessageW
LocalAlloc
Sleep
GetCommandLineW
SetErrorMode
FreeLibrary
GetLastError
GetProcAddress
LoadLibraryW
lstrlenW
lstrcmpW
lstrcpynW
CreateFileW
ReadFile
WriteFile
CloseHandle
GetFileSize
SetFileAttributesW
MoveFileExW
DeleteFileW
lstrlenA
GetLocalTime
lstrcpyW
GetSystemDirectoryW
WideCharToMultiByte
MultiByteToWideChar
ExitProcess
LocalFree

user32

wsprintfW

advapi32

RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegCreateKeyExW

shell32

CommandLineToArgvW

ole32

CoInitialize

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

msvcrt

__dllonexit
_exit
??1type_info@@UAE@XZ
free
_except_handler3
_initterm
__getmainargs
_acmdln
exit
_CxxThrowException
strlen
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_XcptFilter
_onexit
memset
_controlfp
memcpy
__CxxFrameHandler
??2@YAPAXI@Z

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 203KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44ec7e47402caa9c3483f6fc36c6b077

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

shell32

ole32

msvcp60

msvcrt

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 203KB - Virtual size: 202KB

.data Size: 1024B - Virtual size: 852B

.rsrc Size: 1024B - Virtual size: 928B

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 203KB - Virtual size: 202KB

.data
Size: 1024B - Virtual size: 852B

.rsrc
Size: 1024B - Virtual size: 928B