cfca845ebf2af7811e552bbdf4b8933c_JaffaCakes118

General

Target

cfca845ebf2af7811e552bbdf4b8933c_JaffaCakes118
Size

133KB
MD5

cfca845ebf2af7811e552bbdf4b8933c
SHA1

1b0122e37abf3dfc041ee467223f252b9b19b4e1
SHA256

93a0d518c07853670983f60468bb88c17e2be66350eb53bd7c61bb4895325953
SHA512

4f194f34a885e239c9eb6084b834e4c8ce7212ddff19ed5b9bba41b5956d91446edf8f5ddae0478cb93859dab6b0e65e608bc4c416fb9173ca91347faca438fb
SSDEEP

3072:FVA3meHO1pAjy93CELQCmIGJMNnqW4bDRCQr83tFWIH:/J16293CE8CMJMNnqx8WS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfca845ebf2af7811e552bbdf4b8933c_JaffaCakes118

Files

cfca845ebf2af7811e552bbdf4b8933c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

84fc64a35e07679f805406c5c52f78bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetProcessHeap
GetSystemTimeAsFileTime
SetSystemPowerState
GetCPInfo
FormatMessageA
DeviceIoControl
WaitForSingleObject
GetCurrentProcess
GetTempPathW
LoadLibraryW
HeapWalk
HeapCompact
HeapAlloc
HeapCreate
HeapFree
GetFileAttributesW
SetFileAttributesA
GetCurrentThreadId
GetCommandLineW
GetModuleHandleW
MoveFileW
GetModuleHandleA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
WriteFile
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Exports

Exports

_belympogohxvndjaauevf@4
_fltppmygtgqxjwpjswglwgby@4
_knzgxuujlywqlnjghcxa@4
_kxdgqrwuqljsygffduz@4
_oqjtsruebsnwad@4
_wcvelskntaijjorkmexhkzh@4
_wliyclvdcqgvezcpac@4
_yanpsrzco@4

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84fc64a35e07679f805406c5c52f78bc

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 82KB - Virtual size: 82KB

.data Size: 3KB - Virtual size: 26KB

.ndata Size: 1024B - Virtual size: 784B

.rsrc Size: 1024B - Virtual size: 768B

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 82KB - Virtual size: 82KB

.data
Size: 3KB - Virtual size: 26KB

.ndata
Size: 1024B - Virtual size: 784B

.rsrc
Size: 1024B - Virtual size: 768B