2b4b20244e0c09286bc985473fecaae7_JaffaCakes118

General

Target

2b4b20244e0c09286bc985473fecaae7_JaffaCakes118
Size

31KB
MD5

2b4b20244e0c09286bc985473fecaae7
SHA1

116c835d6be7a4cefd4c9b081a7d6f7a73bbe555
SHA256

d9945b08374fb37e2c990b59142c76ed9069eaffa980f528ed6de7950ef96bc2
SHA512

6bcb128935f441537a43f690fa6b00994e78c8457948ef87f1ceb5de90ef0f37a01756a2dd12da9824795633a0dc40253e2703a262f37c9eabcc03bf742010dd
SSDEEP

384:sR1Zhy4QlLXkyQX4mhtWRucTJ13Qvu0fKAZARcbxInAKoqhMxjO/lqG1rCPuYul4:mhy4GL0yoHWRCGeZfVInTYxjsnrC2Tl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b4b20244e0c09286bc985473fecaae7_JaffaCakes118

Files

2b4b20244e0c09286bc985473fecaae7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f52213422603abf66a409a461a741de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GetLastError
VirtualAlloc
CreateFileW
GetVersion
CloseHandle
DeviceIoControl
VirtualFree
MultiByteToWideChar
DeleteFileA
CopyFileA
GetSystemDirectoryA
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
GetProcAddress
FreeLibrary
QueryDosDeviceA
OutputDebugStringA
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetFilePointer
FlushFileBuffers
GetModuleHandleA
GetCommandLineA
GetVersionExA
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
HeapFree
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
LoadLibraryA
HeapReAlloc
InterlockedExchange
VirtualQuery
GetLocaleInfoA
VirtualProtect
GetSystemInfo
LCMapStringA
LCMapStringW
SetStdHandle

user32

wvsprintfA
wsprintfA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyA

ntdll

NtQuerySystemInformation
NtLoadDriver
RtlInitUnicodeString
RtlUnwind

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4f52213422603abf66a409a461a741de

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ntdll

Sections

.text Size: 22KB - Virtual size: 22KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 2KB - Virtual size: 7KB

.text
Size: 22KB - Virtual size: 22KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 2KB - Virtual size: 7KB