fb9478ecec3ef621192976d49e67d1dc_JaffaCakes118

General

Target

fb9478ecec3ef621192976d49e67d1dc_JaffaCakes118
Size

276KB
MD5

fb9478ecec3ef621192976d49e67d1dc
SHA1

b81200eb83b1dc5183aeb9dd813a3305dd08f2c8
SHA256

9005252c2a490b747e364446194f9556e1bd5fcb19a602bc8bda503896b8753c
SHA512

f1997eb15e2802aed7c225a7c5367c91d80051c1884fb4c8094c60e46780b87e56f939a86f1ac6323b6827a93816b192a49b30be3863e512081635e21fa9db3c
SSDEEP

6144:mBVG086hzjCChkY8pvTfuFoSsdT8qlq3:qVGYh3eY8pr2FpsdThlq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb9478ecec3ef621192976d49e67d1dc_JaffaCakes118

Files

fb9478ecec3ef621192976d49e67d1dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22ee1f923b7a973e028aa5b92f36fed2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateToolhelp32Snapshot
DeleteFileA
CreateFileA
Process32First
GetVersion
Process32Next
GetSystemTime
GetEnvironmentVariableA
WriteFile
GetStdHandle
CreateProcessA
WaitForSingleObject
CloseHandle
TerminateProcess
GetExitCodeProcess
CreateDirectoryA
GetLastError
HeapFree
MultiByteToWideChar
ExitProcess
GetCurrentProcess
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
RtlUnwind
Sleep
RaiseException
HeapReAlloc
HeapAlloc
HeapSize
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
SetFilePointer
FlushFileBuffers
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
SetStdHandle
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
IsBadReadPtr
IsBadCodePtr
ReadFile
SetEndOfFile
LCMapStringA
LCMapStringW

advapi32

OpenEventLogA
ReportEventA
CloseEventLog
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 216KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

22ee1f923b7a973e028aa5b92f36fed2

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 216KB - Virtual size: 222KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 216KB - Virtual size: 222KB