f602b01077de0fa3dc6856eb0d0e8918_JaffaCakes118

General

Target

f602b01077de0fa3dc6856eb0d0e8918_JaffaCakes118
Size

148KB
MD5

f602b01077de0fa3dc6856eb0d0e8918
SHA1

d10a67a509aadc354b1e9517222c06a75eb2fa63
SHA256

bb82bd20eccdfc2ce8528e904bb4e6ec932b608fb11dcedc12812b882d9f18c0
SHA512

407099f83e1bb89fadf9650c2d1aa4d3701168840fea502ce5fdcee87148be287c57afb1161f614f5b3cb0c7166a8aa20ae693fc7cb1ce297ea9889286d8c7e9
SSDEEP

3072:pyoxSdoTL6wESVR2TIX0v4jgcfzmoApPEn:3xSlmn6IX0YgcrmoJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f602b01077de0fa3dc6856eb0d0e8918_JaffaCakes118

Files

f602b01077de0fa3dc6856eb0d0e8918_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ede0254478c89bc488dfe877d1b3d81

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterWindowMessageA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
RegisterClassExA
KillTimer
PostQuitMessage
DefWindowProcA
SetTimer
DestroyWindow
CreateWindowExA
LoadCursorA

advapi32

RegEnumKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteExA

kernel32

ExitProcess
HeapDestroy
GetVersionExA
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
ReleaseMutex
GetLastError
CreateMutexA
CloseHandle
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapFree
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
WriteFile
GetModuleFileNameA
GetEnvironmentVariableA
RtlUnwind
UnhandledExceptionFilter
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
GetEnvironmentStrings
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ede0254478c89bc488dfe877d1b3d81

Headers

File Characteristics

Imports

user32

advapi32

shell32

kernel32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 104KB - Virtual size: 100KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 104KB - Virtual size: 100KB