fd8a6f1fa68b2555bca683e6fd52c3cc_JaffaCakes118

General

Target

fd8a6f1fa68b2555bca683e6fd52c3cc_JaffaCakes118
Size

452KB
MD5

fd8a6f1fa68b2555bca683e6fd52c3cc
SHA1

c0bc046085b7d355b313131388a7217def74a8e5
SHA256

b3a33fcaf14782618d9e82c1b866b09495e39edd1db21ef2e096d7a660e426c9
SHA512

e01c3fa1fd02bac5e15f47f282705e04aaccc6df5cb89f0f962b6e3562637e5f1a393ea0871d02eb0db5424ad3e37ee529d3a1a91d5a8e3c396d673a025c27f4
SSDEEP

12288:bJylgZZlmhLR6QXTFBFtCTqfl/ZkrpwfS+ra/pj4w7h:bJ+gTk7LFR9/Zmd9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd8a6f1fa68b2555bca683e6fd52c3cc_JaffaCakes118

Files

fd8a6f1fa68b2555bca683e6fd52c3cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0ed3b31e83baa54d6d371454cd0f7369

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
lstrlenA
WideCharToMultiByte
GetVolumeInformationA
CloseHandle
WriteFile
CreateFileA
GetTempPathA
GetProcessHeap
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetVersionExA
GetLocaleInfoA
GetACP
InterlockedExchange
ReadFile
SetEndOfFile
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapDestroy
HeapCreate
VirtualFree
HeapReAlloc
IsBadWritePtr
GetProcAddress
TerminateProcess
GetCurrentProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
SetUnhandledExceptionFilter
HeapSize
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
LoadLibraryA
IsBadReadPtr
IsBadCodePtr
SetFilePointer
SetStdHandle
FlushFileBuffers
GetOEMCP
GetCPInfo

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegEnumKeyExA

shell32

ShellExecuteA

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 408KB - Virtual size: 411KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0ed3b31e83baa54d6d371454cd0f7369

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 408KB - Virtual size: 411KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 408KB - Virtual size: 411KB