3a427b9bb27134f8824f2231de473a6b_JaffaCakes118

General

Target

3a427b9bb27134f8824f2231de473a6b_JaffaCakes118
Size

8.0MB
MD5

3a427b9bb27134f8824f2231de473a6b
SHA1

2bcc8ec4f738659df2c0b94a9b28cf03c31b6147
SHA256

0217b4f7eb9f68896a54003334e10bbb76a77dda4793d2d29fce96f011246858
SHA512

f8f6a6657812ff830f49f7670c8c97d7df8f997e89648ab3c2686e9f9d9c01de72f9b4e8d82d4d1c8f2505fb3700234b8b39ddf19fefedc67e3b09c4f8ec6e78
SSDEEP

1536:BCOSOw09WY5dvI6sq1pnLQfwFUM1qo0FYbMo+Xomwwh5Ga:BCOu2fwMs4P1qo0F4p+4gLGa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a427b9bb27134f8824f2231de473a6b_JaffaCakes118

Files

3a427b9bb27134f8824f2231de473a6b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10ff5249fb3aff1e80f77b8fda738df3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleCreateEx

winspool.drv

ConfigurePortA

advapi32

RegCreateKeyExA
RegSetValueExA
LookupAccountNameW
RegCloseKey

kernel32

IsBadWritePtr
GetSystemInfo
TlsGetValue
CopyFileA
TlsFree
SetEnvironmentVariableA
CompareStringW
GetCurrentProcessId
GetTickCount
DeleteFileA
HeapDestroy
WaitForSingleObject
CreateProcessA
GetOEMCP
GetExitCodeProcess
LockResource
HeapCreate
VirtualQuery
CompareStringA
GetVersionExA
SetFilePointer
VirtualAlloc
VirtualProtect
DeleteCriticalSection
GetSystemTimeAsFileTime
GetFileType
HeapFree
GetSystemInfo
CreateDirectoryA
lstrcpyA
HeapReAlloc
LeaveCriticalSection
CreateThread
GetSystemTime
RemoveDirectoryA
QueryDosDeviceW
GetCurrentProcess
WriteFile
EnterCriticalSection
CreateFileA
GetCurrentThreadId
GetStdHandle
ExitThread
VirtualFree
SetHandleCount
GetSystemDirectoryA
SizeofResource
TlsSetValue
GetLocaleInfoA
OutputDebugStringA
GetWindowsDirectoryW
FindResourceA
GetACP
GetCPInfo
GetStartupInfoA
LoadResource

Sections

.net
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

a4e4flvt
Size: 14KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10ff5249fb3aff1e80f77b8fda738df3

Headers

DLL Characteristics

File Characteristics

Imports

ole32

winspool.drv

advapi32

kernel32

Sections

.net Size: 7KB - Virtual size: 6KB

.data Size: 6KB - Virtual size: 9KB

.rdata Size: 3KB - Virtual size: 3KB

a4e4flvt Size: 14KB - Virtual size: 39KB

.net
Size: 7KB - Virtual size: 6KB

.data
Size: 6KB - Virtual size: 9KB

.rdata
Size: 3KB - Virtual size: 3KB

a4e4flvt
Size: 14KB - Virtual size: 39KB