161e04253f61765a6569a90f2016895c_JaffaCakes118

General

Target

161e04253f61765a6569a90f2016895c_JaffaCakes118
Size

178KB
MD5

161e04253f61765a6569a90f2016895c
SHA1

48e3dcaab7c0ab6fca6b9d8b274e4befdd125c9a
SHA256

4596af11539318d243282a2340cad3e242c666a4cef63de29466f469ed3cffa1
SHA512

6931bee4732fe6af1b421d734853dd95d65b117410c0b52414db17d6531441adafb6b1340071906452dcf001d7ed7bbd4b0138494cac55ea66733f50891eea66
SSDEEP

3072:jr0JMIK6joP9Q7PW16Kp6/fx16vIXzFvsnY+jY8XkqTriIBORAMkwj316aiPldih:3HIiP92PWcKA/KIDGhd9rCXniPP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
161e04253f61765a6569a90f2016895c_JaffaCakes118

Files

161e04253f61765a6569a90f2016895c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4952451443ecd058e95c3cfb1c13b1ad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

imagehlp

ImageRvaToVa
ImageGetDigestStream
ImageNtHeader
ImageDirectoryEntryToData

kernel32

GetFileAttributesA
CreateFiberEx
OutputDebugStringA
EndUpdateResourceW
ReadFile
GetFullPathNameW
EscapeCommFunction
SetFileAttributesA
AreFileApisANSI
CopyFileA
RemoveDirectoryA
BeginUpdateResourceW
GetFullPathNameA
CreateDirectoryA
GetFileAttributesW
DeleteFileA
CopyFileW
EnumResourceNamesW
UpdateResourceW
DebugBreak
FatalExit
GetOEMCP
RemoveDirectoryW
DeleteFileW
FreeLibrary
LoadLibraryExW
CreateDirectoryW
LoadLibraryExA
FindClose
lstrlenA
SetFileAttributesW
GetFileInformationByHandle

msvfw32

ICInfo

advapi32

CryptCreateHash
CryptGetHashParam
CryptHashData
CryptAcquireContextA
CryptReleaseContext
CryptDestroyHash

user32

wsprintfW
CharNextA
MonitorFromWindow
CharNextW

shell32

CommandLineToArgvW

psapi

GetProcessMemoryInfo

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4952451443ecd058e95c3cfb1c13b1ad

Headers

File Characteristics

Imports

imagehlp

kernel32

msvfw32

advapi32

user32

shell32

psapi

Sections

.text Size: 152KB - Virtual size: 151KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 23KB - Virtual size: 22KB

.lib Size: 512B - Virtual size: 80KB

.text
Size: 152KB - Virtual size: 151KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 23KB - Virtual size: 22KB

.lib
Size: 512B - Virtual size: 80KB