0d74ca4b6ca497a3a6a225c2b60ec2ef_JaffaCakes118

General

Target

0d74ca4b6ca497a3a6a225c2b60ec2ef_JaffaCakes118
Size

747KB
MD5

0d74ca4b6ca497a3a6a225c2b60ec2ef
SHA1

0a07f6f2e1c1b5e1af50fa7607e618fce4727b30
SHA256

ec65b5751b01234d924e3add320d6aadaf752bcbe5aa83f7bcb3c9f482ff0a99
SHA512

156cb8c13188b80d408709ca61e75fea09685060b3f8b0d3ca01f9a4ee350314d6defcf4227fc68a17491cba7c1e86c6e6c111ae1807793ed5a81d9f7c7ba9cb
SSDEEP

12288:ijejp19ejp19ejp1+N4DgC0jBvtlEItyYA89Xu72DtyWejp1RjHEejp1RjHEejpv:iBN+S3lEz89Xu6Dk9jjj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d74ca4b6ca497a3a6a225c2b60ec2ef_JaffaCakes118

Files

0d74ca4b6ca497a3a6a225c2b60ec2ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55f5a6ab9d4c9abc6b7946f7401885b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyA
RegQueryValueA

kernel32

HeapAlloc
GetProcessHeap
VirtualAlloc
Sleep
GetCurrentThreadId
GetExitCodeProcess
GetExitCodeThread
GetThreadPriority
GetThreadTimes
GetProcessId
FindFirstFileA
GetFileSize
GetFileType
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
HeapFree
GetProcAddress
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

user32

PostQuitMessage
DefWindowProcA
CreateWindowExA
RegisterClassA
AllowSetForegroundWindow
IsIconic
IsWindowUnicode
GetParent
IsWindowVisible
ShowWindowAsync

Sections

.text
Size: 731KB - Virtual size: 730KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

55f5a6ab9d4c9abc6b7946f7401885b8

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.text Size: 731KB - Virtual size: 730KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 11KB - Virtual size: 14KB

.text
Size: 731KB - Virtual size: 730KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 11KB - Virtual size: 14KB