dff50a3412eaab508c07c028b5b5cd86_JaffaCakes118

General

Target

dff50a3412eaab508c07c028b5b5cd86_JaffaCakes118
Size

172KB
MD5

dff50a3412eaab508c07c028b5b5cd86
SHA1

aefbada7cc4ace765f36b7eed792a0f29dee8a9c
SHA256

16dc2d71c9eec212473412c35eddf924d87b77051919ebbac856ae2416933974
SHA512

7d8eab2aab7c6b40ef916866ee4cfb373f28788e8165d9dcee0150e536b8dd259230be1bcfdd9f136af5d4256446bfeebd734f06a27165e706fb2d564e703e19
SSDEEP

3072:C9TLD6PEahltTtWoHIXllT9JEJi80N+MitbOVwEaq:C9T/AhltYoHKFYJju/ipswEr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dff50a3412eaab508c07c028b5b5cd86_JaffaCakes118

Files

dff50a3412eaab508c07c028b5b5cd86_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5678231283e4b25a178892f89363e33b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CreateFileA
LoadResource
FindResourceA
lstrcpyA
SetLastError
GetLastError
lstrcatA
HeapFree
HeapAlloc
ReadFile
SetFilePointer
GetModuleFileNameA
ExitProcess
ReleaseMutex
CreateMutexA
GetCommandLineA
CreateThread
CreateDirectoryA
GetCurrentThreadId
GetWindowsDirectoryA
FreeLibrary
LocalAlloc
InterlockedExchange
RaiseException
RtlUnwind
HeapReAlloc
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetVersion
SetUnhandledExceptionFilter
VirtualFree
VirtualAlloc
IsBadWritePtr
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
WriteFile
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetFullPathNameA
GetCurrentDirectoryA
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA

Sections

.data
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5678231283e4b25a178892f89363e33b

Headers

File Characteristics

Imports

kernel32

Sections

.data Size: 52KB - Virtual size: 49KB

.rsrc Size: 116KB - Virtual size: 113KB

.data
Size: 52KB - Virtual size: 49KB

.rsrc
Size: 116KB - Virtual size: 113KB