c85cda8260de87e3df384e1e452a7700_JaffaCakes118

General

Target

c85cda8260de87e3df384e1e452a7700_JaffaCakes118
Size

41KB
MD5

c85cda8260de87e3df384e1e452a7700
SHA1

1e2b46a1b1aa99d3893f01c3eea3ec5245e0c735
SHA256

e141af3954e6016205f00b06042c6c0a42a6f910c49e356f7e404886522f18cd
SHA512

9c9a6b6d714711d6fb76c94a199a343db8014c871e81de9ce64a1e6fc90fcfb80444d0f1b1d2eea6d146a730d33c7025b436193ade69358d74e5c428a740e038
SSDEEP

768:NB6pRE1xG8L9WdnYbkteosrAPdIGj1YR+tjLPuWGXSNvPuRe+cVApIhW8mBzKapL:LEi1xh9NeejrAmGUOXPZPUahJapG3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c85cda8260de87e3df384e1e452a7700_JaffaCakes118

Files

c85cda8260de87e3df384e1e452a7700_JaffaCakes118
.exe windows:4 windows x86 arch:x86

550cab33c73b850ca10b12b040cfccd5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
sprintf
strstr
_except_handler3

advapi32

RegSetValueA
RegSetValueExA
RegEnumValueA
RegOpenKeyA
RegQueryValueA
RegCloseKey
RegCreateKeyExA

kernel32

FreeLibrary
GetFileTime
SetFileTime
ExpandEnvironmentStringsA
GetFileAttributesExA
lstrcatA
GetModuleHandleA
lstrlenA
ExitProcess
Sleep
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
lstrcpyA
OpenMutexA
SetErrorMode
CreateDirectoryA
LoadResource
IsBadReadPtr
LocalAlloc
FreeResource
DeleteFileA
SetFilePointer
CloseHandle
WriteFile
CreateFileA
LockResource
GetTempFileNameA
GetTempPathA
SizeofResource
FindResourceA
GetProcAddress
LoadLibraryA
GetFileAttributesA
MoveFileExA
GetLastError
MultiByteToWideChar
CopyFileA
TerminateProcess
ResumeThread
SetThreadContext
GetThreadContext
WriteProcessMemory
VirtualAllocEx
CreateProcessA
GetStartupInfoA
GetModuleFileNameA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

550cab33c73b850ca10b12b040cfccd5

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 988B

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 988B

.rsrc
Size: 32KB - Virtual size: 31KB