d5ca9fe5fabb6e73ac3ad7f2003a78be_JaffaCakes118

General

Target

d5ca9fe5fabb6e73ac3ad7f2003a78be_JaffaCakes118
Size

209KB
MD5

d5ca9fe5fabb6e73ac3ad7f2003a78be
SHA1

2688607178016a520c6891d058824a1000c8b726
SHA256

b3ad64505b046123795f34ea06bc446b49eb1ab7c49078223e13d44938bcaffd
SHA512

72313e527e59c39dbaf121ac63d9149f8e598b43b1cb27b97ee634fd6361b81a4c05a70985268f3b3b48f469fbdef1a36dc359d5b251943f24487b2b79dc753d
SSDEEP

6144:3dBQ+MZUKHr7aaBJMSQCEV3x2r2crsZ2kZlkpq+JSrwwY:3bQ9XBj2x2r3reZGi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5ca9fe5fabb6e73ac3ad7f2003a78be_JaffaCakes118

Files

d5ca9fe5fabb6e73ac3ad7f2003a78be_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f58dac589cc45197fc874b094f4df4cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

psapi

GetProcessMemoryInfo

advapi32

CryptReleaseContext
CryptAcquireContextA
CryptHashData
CryptGetHashParam
CryptCreateHash
CryptDestroyHash

msvfw32

ICInfo

imagehlp

ImageRvaToVa
ImageNtHeader
ImageGetDigestStream
ImageDirectoryEntryToData

kernel32

SetFileAttributesW
OutputDebugStringA
CreateFiberEx
BeginUpdateResourceW
CreateDirectoryW
CreateDirectoryA
EndUpdateResourceW
GetFullPathNameA
FreeLibrary
EscapeCommFunction
RemoveDirectoryA
DebugBreak
ReadFile
CopyFileW
SetFileAttributesA
EnumResourceNamesW
RemoveDirectoryW
AreFileApisANSI
GetFullPathNameW
GetFileAttributesA
UpdateResourceW
CopyFileA
lstrlenA
FindClose
FatalExit
LoadLibraryExA
DeleteFileW
DeleteFileA
GetFileAttributesW
LoadLibraryExW
GetOEMCP
GetFileInformationByHandle

user32

wsprintfW
CharNextA
MonitorFromWindow
CharNextW

shell32

CommandLineToArgvW

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f58dac589cc45197fc874b094f4df4cb

Headers

File Characteristics

Imports

psapi

advapi32

msvfw32

imagehlp

kernel32

user32

shell32

Sections

.text Size: 191KB - Virtual size: 190KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 14KB - Virtual size: 14KB

.lib Size: 512B - Virtual size: 92KB

.text
Size: 191KB - Virtual size: 190KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 14KB - Virtual size: 14KB

.lib
Size: 512B - Virtual size: 92KB