053ee80b42e50da94cfedfe36f11e934_JaffaCakes118

General

Target

053ee80b42e50da94cfedfe36f11e934_JaffaCakes118
Size

284KB
MD5

053ee80b42e50da94cfedfe36f11e934
SHA1

5321bbe4f6d261bb0278ea1e15314659ae80bd70
SHA256

d29b1a9120fa8e5b4ebfa5ba9bf5f70cbb95617386f092a19e2b62ac1d3ce794
SHA512

b32a032fc2b4ce05af070722538d9139b4ff5b3490d439a3aaff398783bff3c7cbbc869183e5b513afc7ebb5dc48a961e94ffb28b752557a681c3dc3ed0af1db
SSDEEP

3072:rgDQoKuTCQw1devYsB9VBWLKCcS6BqjM9CaYGfVTQMHt3A25FmwROxStPE/C6qHc:8DuYw1MhB9cjcjCaPfA2rKxM0EP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
053ee80b42e50da94cfedfe36f11e934_JaffaCakes118

Files

053ee80b42e50da94cfedfe36f11e934_JaffaCakes118
.exe windows:4 windows x86 arch:x86

915a0ab44215bf94b480fa32b0987ff3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
SizeofResource
FindResourceA
GetProcAddress
LoadLibraryA
GlobalAlloc
GetLocalTime
FindClose
FindFirstFileA
LockResource
CreateFileA
WriteFile
CloseHandle
GetLastError
CreateDirectoryA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 248KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

915a0ab44215bf94b480fa32b0987ff3

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 248KB - Virtual size: 246KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 248KB - Virtual size: 246KB