d00cbc3c5b574d0d73ef8d5807c6ae0e_JaffaCakes118

General

Target

d00cbc3c5b574d0d73ef8d5807c6ae0e_JaffaCakes118
Size

150KB
MD5

d00cbc3c5b574d0d73ef8d5807c6ae0e
SHA1

240cd26520f7d98ef69f37c6f75fb314919c76aa
SHA256

42a7d1f35fb3a3d7e1e2b146c870ff282feeed43bcb0452bd03425da6a6577e0
SHA512

ff374d8c8298a2899db08b38c9630ca4b69626a7b75724cd0ee315a49ec16926336d27405e502e9c45b9e7bca37864f110e244d8829c960659add8ad7055580a
SSDEEP

3072:4WexepyMHNul8q9dS/ye2F9jdYpC8hcPx2WkoegTVMoROoHjxQVVtU23:lDNuo/oFNdYHhcPYf/gx/OoHWhd3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d00cbc3c5b574d0d73ef8d5807c6ae0e_JaffaCakes118

Files

d00cbc3c5b574d0d73ef8d5807c6ae0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45cb4ac5dc0f3a5f77affb3a132558da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

advapi32

RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegEnumValueA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyA
RegSetValueExA
RegCreateKeyExA

kernel32

CreateProcessA
LCMapStringA
SetInformationJobObject
SetLastError
GetLongPathNameW
LocalFree
FreeLibrary
CreateDirectoryA
TermsrvAppInstallMode
FlushFileBuffers
HeapFree
GetThreadLocale
GetTempPathW
GetLogicalDriveStringsA
FreeEnvironmentStringsW
ActivateActCtx
GetModuleFileNameW
LoadLibraryA
GetStringTypeW
CreateFileMappingA
LCMapStringW
GetCommandLineA
GetUserDefaultUILanguage
MapViewOfFile
GetModuleHandleA
ReadFile
GetFileSize
ExitProcess
SetFilePointer
HeapReAlloc
CreateFileA
GetProcessHeap
HeapAlloc
InterlockedExchange
GetTempPathA
GetModuleFileNameA
GetVersionExA
ReleaseSemaphore
GetProcAddress
GetTempFileNameW
GetCurrentProcess
WaitForSingleObject
GetCurrentDirectoryW
WriteFile
GetStartupInfoA
_lopen
GetStringTypeA
CloseHandle
CreateProcessW
GlobalMemoryStatusEx
CreateFileW

ole32

CoQueryClientBlanket
CreateDataAdviseHolder
OleBuildVersion
CoLockObjectExternal

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetFileInfoA
SHBrowseForFolderA
SHGetPathFromIDListA
SHFileOperationA
ShellExecuteA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 133KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45cb4ac5dc0f3a5f77affb3a132558da

Headers

File Characteristics

Imports

version

advapi32

kernel32

ole32

shell32

Sections

.text Size: 6KB - Virtual size: 5KB

.data Size: 7KB - Virtual size: 10KB

.rsrc Size: 2KB - Virtual size: 2KB

.rdata Size: 133KB - Virtual size: 155KB

.text
Size: 6KB - Virtual size: 5KB

.data
Size: 7KB - Virtual size: 10KB

.rsrc
Size: 2KB - Virtual size: 2KB

.rdata
Size: 133KB - Virtual size: 155KB