d337383e69bdf31049a967ef740fcc0e_JaffaCakes118

General

Target

d337383e69bdf31049a967ef740fcc0e_JaffaCakes118
Size

56KB
MD5

d337383e69bdf31049a967ef740fcc0e
SHA1

8c8218cb5acd27d4d9fe28b2e33a87faf6046607
SHA256

a51cf59c7143d13e1cf496bdb670e95fcd1e9ed51a3fa32d5370950ecd26db7f
SHA512

8d5e233d18b5c570765d283f59be7fa889c8c13c271b8f67fdd15123fcdaf48af7365809ceecec7045e0a9fe3f4f7c161a26e8beec698fdb05e860562d5a54fa
SSDEEP

768:GqzrCSwtiorm3Kxwjj4ZB+DEperrDJYYx2O5EmNnSgov48:GqHQk3mwjj4ZB+D2er2O5XjovB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d337383e69bdf31049a967ef740fcc0e_JaffaCakes118

Files

d337383e69bdf31049a967ef740fcc0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

acf519e135c6144c0dc8e8d6439182ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
WritePrivateProfileStringA
GetShortPathNameA
GetWindowsDirectoryA
DeleteFileA
CreateDirectoryA
GetTempFileNameA
GetPrivateProfileStringA
GetLastError
RemoveDirectoryA
GetVersionExA
CloseHandle
WriteFile
SetFilePointer
ReadFile
CreateFileA
lstrcpyA
MoveFileExA
FindFirstFileA
FindNextFileA
CopyFileA
SetFileAttributesA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
GetFileAttributesA
FindClose
LCMapStringA
SetEndOfFile
SetStdHandle
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapReAlloc
HeapAlloc
TerminateProcess
GetCurrentProcess
HeapSize
GetCPInfo
GetACP
GetOEMCP
FlushFileBuffers
GetStringTypeW
GetStdHandle
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
VirtualFree
GetFileType
HeapDestroy
HeapCreate
RtlUnwind
VirtualAlloc
GetStringTypeA

user32

wsprintfA
CharToOemA
CharNextA
CharPrevA

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegEnumValueA
RegCreateKeyExA
RegDeleteValueA
RegQueryValueExA

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

acf519e135c6144c0dc8e8d6439182ab

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 4KB - Virtual size: 976B

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 4KB - Virtual size: 976B