c867e39b75b3856b51d5f122fc39e3a0_JaffaCakes118

General

Target

c867e39b75b3856b51d5f122fc39e3a0_JaffaCakes118
Size

172KB
MD5

c867e39b75b3856b51d5f122fc39e3a0
SHA1

bd350e54b883caeb2036f2b5177cc7c99e88fe1d
SHA256

9dfeb37353784ec4915beb00d0f070783f9dc78cd32d23d985229f0115454a89
SHA512

12cf9c489cf36258aae69024063d8869259a66b40d55ea1b107d8db3d158653b43ae042a334d6c06430592b7209e5b5f1143173de345cf00fe144a4b92a36896
SSDEEP

3072:suD9D6PEahmtTtsTxaWzdKE5i8061ThO3hcEBZ:suD5Ahmt2TxNJ5jR1TExcEX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c867e39b75b3856b51d5f122fc39e3a0_JaffaCakes118

Files

c867e39b75b3856b51d5f122fc39e3a0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5678231283e4b25a178892f89363e33b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CreateFileA
LoadResource
FindResourceA
lstrcpyA
SetLastError
GetLastError
lstrcatA
HeapFree
HeapAlloc
ReadFile
SetFilePointer
GetModuleFileNameA
ExitProcess
ReleaseMutex
CreateMutexA
GetCommandLineA
CreateThread
CreateDirectoryA
GetCurrentThreadId
GetWindowsDirectoryA
FreeLibrary
LocalAlloc
InterlockedExchange
RaiseException
RtlUnwind
HeapReAlloc
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetVersion
SetUnhandledExceptionFilter
VirtualFree
VirtualAlloc
IsBadWritePtr
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
WriteFile
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetFullPathNameA
GetCurrentDirectoryA
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA

Sections

.data
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5678231283e4b25a178892f89363e33b

Headers

File Characteristics

Imports

kernel32

Sections

.data Size: 52KB - Virtual size: 49KB

.rsrc Size: 116KB - Virtual size: 113KB

.data
Size: 52KB - Virtual size: 49KB

.rsrc
Size: 116KB - Virtual size: 113KB