053f36623bfc472a7ea33501020a2c5d_JaffaCakes118

General

Target

053f36623bfc472a7ea33501020a2c5d_JaffaCakes118
Size

32KB
MD5

053f36623bfc472a7ea33501020a2c5d
SHA1

95658e4ce1ef3095f108e12f3986ff2d252877e5
SHA256

b4ead7aa47dfc97cd15530e9553a8e455792018d9602861ae12b9ffba74f6c9f
SHA512

d863266974e13933d76470ae06b7572e3bce0dd5f9bf5d826ae3f751df21b5188e72bce5a14118f5fa8f6ed94870228c5ebea8822bf76b67b508aec7a235ee67
SSDEEP

384:bLfu2cqtHlKcrUbaTzM5v+k0i7MmlqB9yNNtarheoBz5G61ar50Or:bLfu2cqtHlXUbaU5DA8NCheoPlY50W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
053f36623bfc472a7ea33501020a2c5d_JaffaCakes118

Files

053f36623bfc472a7ea33501020a2c5d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f3993fe131fb3917e8ff0d1178765da6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
GetLastError
lstrlenA
LocalAlloc
LocalFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
FindFirstFileA
GetWindowsDirectoryA
HeapDestroy
HeapCreate
VirtualFree
GetVersionExA
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
GetStringTypeA
GetStringTypeW
DeleteFileA
FindClose
GetFileType
GetStdHandle
HeapFree

user32

MessageBoxA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegEnumKeyA
RegCloseKey
RegDeleteKeyA

setupapi

SetupDiCallClassInstaller
SetupCopyOEMInfA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f3993fe131fb3917e8ff0d1178765da6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

setupapi

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 7KB - Virtual size: 8KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 7KB - Virtual size: 8KB