d1dbc69de7804f232f3a355bdb943b11_JaffaCakes118

General

Target

d1dbc69de7804f232f3a355bdb943b11_JaffaCakes118
Size

120KB
MD5

d1dbc69de7804f232f3a355bdb943b11
SHA1

2fc39e8549960358bbe4d2bfc94064c12a553706
SHA256

f941ec4056de3c028360e564da34eeb63a32e6fd6e2c8d479d839ad58bff6c71
SHA512

61fcaca423beefd3410f22e083c42a06353a477dbfd3755877bbfbf3d4584238400f3bcae9ba9c282bf02016d8ac155964ad27b959c2cc98ef9d30e2b00db045
SSDEEP

1536:D1C8T5Mbog671RkoonQT2YrYztvpI1pmTBINPmlm2kOUjJcJjE:D1GboR1GZQJgvpqmTBINPSmrOKJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1dbc69de7804f232f3a355bdb943b11_JaffaCakes118

Files

d1dbc69de7804f232f3a355bdb943b11_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4b5d67a5420dfb8d0ad2c8262f296142

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
FindResourceA
GetLastError
FreeLibrary
GetDriveTypeA
GetLogicalDrives
GetVersion
GetVersionExA
LoadResource
GetModuleFileNameA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
LCMapStringW
LockResource
CreateFileW
GetSystemInfo
WriteFile
LoadLibraryA
CloseHandle
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapFree
TerminateProcess
GetCurrentProcess
HeapAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
LCMapStringA
GetProcAddress

user32

GetCaretPos
GetKeyboardType
GetSysColor

shell32

SHGetSpecialFolderPathW

advapi32

RegSetValueExW
RegDeleteValueW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b5d67a5420dfb8d0ad2c8262f296142

Headers

File Characteristics

Imports

kernel32

user32

shell32

advapi32

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 10KB

.rsrc Size: 80KB - Virtual size: 76KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 10KB

.rsrc
Size: 80KB - Virtual size: 76KB