feb06f45c74f50fb5ac7ebbff54bc0a1_JaffaCakes118

General

Target

feb06f45c74f50fb5ac7ebbff54bc0a1_JaffaCakes118
Size

29KB
MD5

feb06f45c74f50fb5ac7ebbff54bc0a1
SHA1

12b00d2d58769f9773e3777516a6f7f321996630
SHA256

45b0d7cf341379422fa3ee939a0b996665dd49477e538f60a6ef494de8bde753
SHA512

a27ddac82a25cee2c018a1feed6346bd60d6aaca553c55dae2a9a451aef7ec07bbdc149171133d0f8e1f76b1b0801d3dbde7ea3f4e1b4b9ba5972042380930e0
SSDEEP

384:PqGN0oC6yfGud1YlB1CdEh2b7BYRR+GsYa+XsRyG/+WSK5woM:SmI6yfGy1YlS02/BYRR+WYrMK5wo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
feb06f45c74f50fb5ac7ebbff54bc0a1_JaffaCakes118

Files

feb06f45c74f50fb5ac7ebbff54bc0a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

647cc088a3a67d3b111f954f96d7de2a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CreateEventA
OpenEventA
CopyFileA
DeleteFileA
GetTempFileNameA
Sleep
FreeLibrary
ExitProcess
LoadLibraryA
CreateThread
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetModuleHandleA
GetModuleFileNameA
MoveFileExA
lstrcpyA
lstrcatA
FindFirstFileA
GetProcAddress
FindClose
HeapReAlloc
VirtualAlloc
HeapAlloc
GetStringTypeW
GetOEMCP
GetACP
GetStartupInfoA
GetCommandLineA
GetVersion
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo

user32

wsprintfA
GetMessageA
DispatchMessageA
TranslateMessage

advapi32

RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey

comctl32

InitCommonControlsEx

urlmon

CreateURLMoniker

oleaut32

SysAllocStringLen
SysFreeString
SysAllocString

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

647cc088a3a67d3b111f954f96d7de2a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

comctl32

urlmon

oleaut32

Sections

.text Size: 18KB - Virtual size: 17KB

.data Size: 9KB - Virtual size: 11KB

.rsrc Size: 1024B - Virtual size: 928B

.text
Size: 18KB - Virtual size: 17KB

.data
Size: 9KB - Virtual size: 11KB

.rsrc
Size: 1024B - Virtual size: 928B