0af5f089a1d6b2e4c17900506377ed01_JaffaCakes118

General

Target

0af5f089a1d6b2e4c17900506377ed01_JaffaCakes118
Size

151KB
MD5

0af5f089a1d6b2e4c17900506377ed01
SHA1

7eef92deb71ef7ef30f2efc46ca00ce37dc00693
SHA256

07318fadc08c5d14514f742191a250f84111eeb819635e5f32951cede2d9a902
SHA512

e283094795f7a8321d753ece56c1ec26a8ce8eea4c56b4ba890992c75bf7aaedb902aafe981266a993fbb04c5a1aeb2da8a79a96f04600f50ef6fbf65fea6964
SSDEEP

3072:y2IkHeyeuI21noYyFiBzO7Z68ylq+zDjjL+XghaVf54r2UwZM+kb8:yFD0+YyYhOlrylt7jLRhof54iUw+/8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0af5f089a1d6b2e4c17900506377ed01_JaffaCakes118

Files

0af5f089a1d6b2e4c17900506377ed01_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3319683f8e03ef5dbb7d4f7839ac796c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
GetModuleHandleA
CreateFileA
WideCharToMultiByte
IsDBCSLeadByte
LockResource
InitializeCriticalSection
GetCurrentProcessId
GetSystemTimeAsFileTime
MoveFileA
SetHandleInformation
GetShortPathNameA
GetLastError
lstrcatA
InterlockedDecrement
GetThreadLocale
EnterCriticalSection
LeaveCriticalSection
ExitProcess
HeapValidate
DeleteCriticalSection
GetVersionExA
VirtualQuery
MultiByteToWideChar
GetLocaleInfoA
InterlockedExchange
DeleteFileA
GetProcAddress
SetEvent
lstrlenA
CreateProcessA
lstrcmpiA
WriteFile
LoadLibraryExA
InterlockedIncrement
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
CreatePipe
GetStartupInfoA
OutputDebugStringA
RaiseException
lstrlenW
FindResourceA
GetModuleFileNameA
ReadFile
LoadResource
FreeLibrary
GetACP
GetSystemDirectoryA
SizeofResource
GetModuleHandleA
SetHandleContext
CloseHandle

advapi32

OpenProcessToken
LookupPrivilegeValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

user32

LoadStringA
wsprintfA
CharNextA
MessageBoxA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jjtq
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 138KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3319683f8e03ef5dbb7d4f7839ac796c

Headers

File Characteristics

Imports

kernel32

advapi32

version

user32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 6KB - Virtual size: 118KB

.jjtq Size: 3KB - Virtual size: 3KB

.edata Size: 138KB - Virtual size: 263KB

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 6KB - Virtual size: 118KB

.jjtq
Size: 3KB - Virtual size: 3KB

.edata
Size: 138KB - Virtual size: 263KB