d6995ee3b0e80cc5c8191a0914c41f1d_JaffaCakes118

General

Target

d6995ee3b0e80cc5c8191a0914c41f1d_JaffaCakes118
Size

90KB
MD5

d6995ee3b0e80cc5c8191a0914c41f1d
SHA1

76e0cd0cfa62ddd7c480df7aa326e14c38c56e69
SHA256

a173b32bf569af067c3cb4967389f9bfa9e451228996b522debfcbc2e7627702
SHA512

f1789dd62a5bfb8ed66610cf6d88d0ce5d8ee3e5c7852e6126ede968b5148b5a0ed1e7f181561968968dad69de7e91be649497c060369ed872b58c071e451164
SSDEEP

768:K65yQEu32mySlw/15nO4rGQzTGfmgc33emu4v/eo4z7VP7LdGSu2HyTAzfMgTAzx:K657XSoQVgd54v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6995ee3b0e80cc5c8191a0914c41f1d_JaffaCakes118

Files

d6995ee3b0e80cc5c8191a0914c41f1d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

840c132f3a0e1e199db9550713430a0d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyA
RegSetValueExA

kernel32

AddAtomA
CopyFileA
ExitProcess
FindAtomA
FindClose
FindFirstFileA
FindNextFileA
GetAtomNameA
GetCurrentDirectoryA
GetLastError
GetModuleFileNameA
GetModuleHandleA
SetCurrentDirectoryA
SetErrorMode
SetFileAttributesA
SetUnhandledExceptionFilter
Sleep
SleepEx
WinExec
lstrcatA
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
fflush
fprintf
free
malloc
signal
strlen

user32

GetAsyncKeyState

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 560B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

840c132f3a0e1e199db9550713430a0d

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

user32

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 80B

.rdata Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 560B

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 78KB - Virtual size: 115KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 80B

.rdata
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 560B

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 78KB - Virtual size: 115KB