c873ede9a4a8b2977d33182f0a2331e4_JaffaCakes118

General

Target

c873ede9a4a8b2977d33182f0a2331e4_JaffaCakes118
Size

281KB
MD5

c873ede9a4a8b2977d33182f0a2331e4
SHA1

fa4acfb0c0b2c726d0b74bffd4c59f8f4d86b9ae
SHA256

ec15004d581140fdb5a60f65291cecd8b4af74d5961890f96ca9c6fe377bd9ea
SHA512

60b3a56e512db134f9fffc1e6d5be4184a298de3c0b941bb99588ccfb3350d73ece9eb393e17f616e37563caf39fea9cad46dc213f82b65a416cda7524ae07ea
SSDEEP

6144:vK5LmAXQ+2ThjGrgbw8LxdtsMh0Sx4SthIsbCFkTEt:vuxXWMWhtsMh0SqUDbCCTa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c873ede9a4a8b2977d33182f0a2331e4_JaffaCakes118

Files

c873ede9a4a8b2977d33182f0a2331e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f1ddc155a2ef5e24f673278dd895e43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileA
DeleteFileA
CloseHandle
GetLastError
CreateMutexA
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind
RaiseException
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
HeapAlloc
HeapReAlloc
LCMapStringA
LCMapStringW
GetCPInfo
CompareStringA
CompareStringW
SetUnhandledExceptionFilter
WriteFile
SetFilePointer
FlushFileBuffers
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
HeapSize
GetProcAddress
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
ReadFile
GetACP
GetOEMCP
LoadLibraryA
CreateFileA
SetEndOfFile
GetLocaleInfoW
SetEnvironmentVariableA

Sections

.text
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rrdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2f1ddc155a2ef5e24f673278dd895e43

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 148KB - Virtual size: 146KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 20KB - Virtual size: 24KB

.rrdata Size: 80KB - Virtual size: 80KB

.text
Size: 148KB - Virtual size: 146KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 20KB - Virtual size: 24KB

.rrdata
Size: 80KB - Virtual size: 80KB