c2a1cc1598b7096a3e3ed6ba38e171ab_JaffaCakes118

General

Target

c2a1cc1598b7096a3e3ed6ba38e171ab_JaffaCakes118
Size

12KB
MD5

c2a1cc1598b7096a3e3ed6ba38e171ab
SHA1

3f1f084fc591b3af5ad44547d3c7e8fbd2ad2387
SHA256

b461d5333b4068ba281fe5e6d26289331e26a3a05c8be458a43609ca8d1f7856
SHA512

b4004f170e112709f8255f9722be416a6132e571b65bfc6bd034cbe2dd06695e3b796499b6919a73e6c4990654ee0f8ca63e0c618b05c51850fe9de61aa24de4
SSDEEP

384:hS7cGkgb8n9eP+tZDbcpP7rCGvWME9hV61qh:icXgt+t8PnCTMEbV8Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2a1cc1598b7096a3e3ed6ba38e171ab_JaffaCakes118

Files

c2a1cc1598b7096a3e3ed6ba38e171ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8cabd472503927b3cbdcac627e07c809

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CreateMutexA
FreeLibrary
ResetEvent
GetProcAddress
LoadLibraryA
CreateProcessA
ReadFile
SetFilePointer
CreateFileA
OutputDebugStringA
lstrcatA
GetSystemDirectoryA
Process32First
CreateEventA
GetModuleHandleA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
FindFirstFileA
SetFileAttributesA
SetPriorityClass
GetShortPathNameA
GetEnvironmentVariableA
GetModuleFileNameA
lstrlenA
lstrcpyA
SetEvent
CreateThread
WaitForSingleObject
CloseHandle
Sleep
ExitProcess
DuplicateHandle
SuspendThread
ResumeThread
CreateToolhelp32Snapshot
Process32Next
lstrcmpiA
GetCurrentProcess
OpenProcess
DeviceIoControl
GetStartupInfoA

advapi32

AdjustTokenPrivileges
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyA
RegSetValueExA
RegCreateKeyA
RegQueryValueExA
RegCloseKey
LookupPrivilegeValueA
OpenProcessToken
GetTokenInformation
LookupAccountSidA

shell32

StrStrIA
StrCmpNIA

ntdll

memset
sprintf
strrchr
RtlUnwind
memmove
NtQuerySystemInformation

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
??3@YAXPAX@Z
??2@YAPAXI@Z
_CxxThrowException
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
__CxxFrameHandler
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8cabd472503927b3cbdcac627e07c809

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ntdll

msvcrt

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 860B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 860B