e0a4984131da863fd3450c4d8e658706_JaffaCakes118

General

Target

e0a4984131da863fd3450c4d8e658706_JaffaCakes118
Size

40KB
MD5

e0a4984131da863fd3450c4d8e658706
SHA1

458ea501b0446571797b6531e8740bc635c25e47
SHA256

fe2afda30821b313819c0c695b75f879e305c7a892a62202a1acf4ec10a48ee1
SHA512

3a361a13a7094c2ece66c5a4afa1d8c7bdf809dc13e6c38471cf0281b02d7134f237fda723a0dfceb53daa43f05fc32b8faa4942a104fd6bbde223924e1f2029
SSDEEP

768:ygbCX3Pq8o3s90gED2iUdWUgAQm7LsPXgo:lA9ICi6WUNQ2Vo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0a4984131da863fd3450c4d8e658706_JaffaCakes118

Files

e0a4984131da863fd3450c4d8e658706_JaffaCakes118
.exe windows:4 windows x86 arch:x86

35c65a44ef4a47e7af0e06c9ef77a306

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
GetTempPathA
CreateProcessA
GetStringTypeA
LCMapStringW
LCMapStringA
SetEndOfFile
GetModuleFileNameA
GetSystemDirectoryA
CopyFileA
MoveFileExA
Sleep
SetFilePointer
LoadLibraryA
GetLastError
DeleteFileA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
ReadFile
MultiByteToWideChar
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
GetProcAddress
GetStringTypeW

user32

wsprintfA

advapi32

RegOpenKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegDeleteValueA

urlmon

URLDownloadToCacheFileA

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

35c65a44ef4a47e7af0e06c9ef77a306

Headers

File Characteristics

Imports

kernel32

user32

advapi32

urlmon

Sections

.text Size: 28KB - Virtual size: 24KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 9KB

.text
Size: 28KB - Virtual size: 24KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 9KB