c915658b5dce312c9eadabbe19953ee5_JaffaCakes118

General

Target

c915658b5dce312c9eadabbe19953ee5_JaffaCakes118
Size

128KB
MD5

c915658b5dce312c9eadabbe19953ee5
SHA1

d4aa8bff811897f758bac7fdf2a7996a20e56fe8
SHA256

0670c724d6d8d3552acf3e2f6482e0d07643c91392219b9a24db851ee15f2c42
SHA512

c074a418d137c09e11234beee24dafe438c59afff3e56b0abc5f1eced22e42da00793c92d24536cc3b0b817aa64613d4474c7fd25207eba0ea6c7dfeb2dcfcaa
SSDEEP

3072:Ub0yvljJcEizWoOWbdvLHj4Amx+Bey/9LGr7b8:h9LzWabdAAzRliPo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c915658b5dce312c9eadabbe19953ee5_JaffaCakes118

Files

c915658b5dce312c9eadabbe19953ee5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e3a8c8c34dee531da012c88f99d5b82d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
GetLastError
WideCharToMultiByte
LockResource
LoadResource
FindResourceExA
LocalFree
OutputDebugStringA
FormatMessageA
FindClose
FindFirstFileA
GetExitCodeProcess
WaitForSingleObject
lstrlenA
SetHandleCount
GetEnvironmentStringsW
CloseHandle
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
GetStringTypeW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetThreadLocale
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
GetStringTypeA
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
HeapAlloc
VirtualAlloc
HeapReAlloc

user32

MessageBoxA
LoadStringA

shell32

ShellExecuteExA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e3a8c8c34dee531da012c88f99d5b82d

Headers

File Characteristics

Imports

kernel32

user32

shell32

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 84KB - Virtual size: 84KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 84KB - Virtual size: 84KB