JaffaCakes118_787d465fc2093a6345cde930b6149a62

General

Target

JaffaCakes118_787d465fc2093a6345cde930b6149a62
Size

81KB
MD5

787d465fc2093a6345cde930b6149a62
SHA1

b450ddb2f44ce3822b25d3da4e3999f7d211ad33
SHA256

b1241b28a46f68c5e365fd5dcf0365a263a88019e92503fbd0338b21bb177e2f
SHA512

236f59bad4d91e23a43a07420bbd489ce6de4091ad1fd7e3dce1b2e539dd5de431e05dc770e16244223889d383c46ebd95836274eb3c257189aa792efabeb3e4
SSDEEP

1536:V/vwj+hzGG8ljLAAMgA+J/Z1JhnGpoxcbli6yDAy+:Nw6hzG+ZgAqrPGp6cbekn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_787d465fc2093a6345cde930b6149a62

Files

JaffaCakes118_787d465fc2093a6345cde930b6149a62
.exe windows:6 windows x86 arch:x86

fe8a0345d34a57b038dc13626ed2d603

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

s:\work\890\hpdmpcfg\code\PRODUCT\libchk_wlh_x86\i386\hpidmpcfgx.pdb

Imports

advapi32

RegGetValueA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA

kernel32

CopyFileA
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
UnhandledExceptionFilter

msvcrt

_exit
_XcptFilter
_initterm
_amsg_exit
__setusermatherr
_cexit
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_except_handler4_common
_controlfp
__getmainargs
_stat
perror
printf
sprintf
memset
isalnum
ispunct
strchr
exit
_iob
fprintf
_adjust_fdiv

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 660B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fe8a0345d34a57b038dc13626ed2d603

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

msvcrt

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 964B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 660B

.text Size: 70KB - Virtual size: 72KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 964B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 660B

.text
Size: 70KB - Virtual size: 72KB