083a8dbff3b1072ab88ab97892bf85a3_JaffaCakes118

General

Target

083a8dbff3b1072ab88ab97892bf85a3_JaffaCakes118
Size

80KB
MD5

083a8dbff3b1072ab88ab97892bf85a3
SHA1

0039d6b1d191e110aef177cf708615ca2b5dd280
SHA256

7db75bb62c483b44f6c61d1c28452a1ec4188d09adf6559b5f4a29306c934629
SHA512

8e4c04e6f4f8ebda3ea763eea9f43738a78591e6823d4195ac9910e46168f6b0afded6758b293b682ed7e4a278eaf31932be2d7045b3d3903408279419842683
SSDEEP

768:gVRkagM5gSE8/kvIRz+G3dw4uoFtOm6svcUVWpv+DL5t64kl1:qka5owkvIRzVw5jUVrxt64kl1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
083a8dbff3b1072ab88ab97892bf85a3_JaffaCakes118

Files

083a8dbff3b1072ab88ab97892bf85a3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eee9530a0ea978546687b01d3dd29062

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyA
FreeSid
CheckTokenMembership
AllocateAndInitializeSid

kernel32

DeleteFileA
CloseHandle
WriteFile
FreeResource
CreateFileA
SizeofResource
LoadResource
FindResourceA
GetModuleHandleA
GetCurrentProcess
Sleep
LoadLibraryA
lstrcatA
ExpandEnvironmentStringsA
CreateProcessA
CopyFileA
lstrcpyA
GetModuleFileNameA
WinExec
SetFileTime
GetFileAttributesExA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange

msvcr80

_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
_amsg_exit
memset
strncmp
__getmainargs

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eee9530a0ea978546687b01d3dd29062

Headers

File Characteristics

Imports

advapi32

kernel32

msvcr80

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 908B

.rsrc Size: 60KB - Virtual size: 56KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 908B

.rsrc
Size: 60KB - Virtual size: 56KB