168939eb1387c4c31a89148bb6e51cd3_JaffaCakes118

General

Target

168939eb1387c4c31a89148bb6e51cd3_JaffaCakes118
Size

60KB
MD5

168939eb1387c4c31a89148bb6e51cd3
SHA1

cc8aa90d9929c1da77b9540f5ea6c33ee3a297b1
SHA256

5782c6fe8b91cd62238bae4d69fb4ad25e600279431f2a6e852497829d86984a
SHA512

2819fd9b1cb1d723033dec5064d5bd547193c24125df63f6ee1d81911e8e3265c481d492f9caa88083c34a23712735689344dce6fb46ecb33a6dffa6aa23f977
SSDEEP

768:Oh8/P2y1hHO5ocsEac5hHhW4ZzNOzf8PL7iDy3/mgpFTvG:fP2y1ZO54EDhBJZzYzf8PI2M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
168939eb1387c4c31a89148bb6e51cd3_JaffaCakes118

Files

168939eb1387c4c31a89148bb6e51cd3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b3e2e0242dbcbf489b6035511630e6b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
SetEndOfFile
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
CreateFileA
CompareStringW
CompareStringA
InterlockedExchange
HeapSize
RtlUnwind
InitializeCriticalSection
SetFilePointer
VirtualQuery
GetSystemInfo
VirtualProtect
VirtualAlloc
SetStdHandle
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCPInfo
UnhandledExceptionFilter
SetEnvironmentVariableW
SetEnvironmentVariableA
FlushFileBuffers
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
ReadFile
FileTimeToSystemTime
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
WideCharToMultiByte
DeleteCriticalSection
HeapFree
HeapReAlloc
HeapAlloc
GetVersionExA
CreateThread
GetCurrentThreadId
ExitThread
GetFileAttributesA
MultiByteToWideChar
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcess
TerminateProcess
GetModuleHandleA
ExitProcess
FindClose
FindNextFileA
FindFirstFileA
GetExitCodeThread
LoadLibraryA
GetProcAddress
FreeLibrary
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
CloseHandle
GetLastError
FormatMessageA
LocalFree
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleFileNameA
GetProcessHeap
GetCurrencyFormatA
OutputDebugStringA
FileTimeToLocalFileTime
GetDriveTypeA
GetFullPathNameA
WriteFile
GetCurrentDirectoryA

advapi32

RegOpenKeyExA
RegEnumKeyA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 534B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b3e2e0242dbcbf489b6035511630e6b

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 28KB - Virtual size: 24KB

.data Size: 20KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 888B

.reloc Size: 4KB - Virtual size: 534B

.text
Size: 28KB - Virtual size: 24KB

.data
Size: 20KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 888B

.reloc
Size: 4KB - Virtual size: 534B