181c233d721fd7fa6426de8a50014002_JaffaCakes118

General

Target

181c233d721fd7fa6426de8a50014002_JaffaCakes118
Size

37KB
MD5

181c233d721fd7fa6426de8a50014002
SHA1

35c81f32b63d161ff1c344b4f61bd0da8b858ea9
SHA256

30b301b16e7e4bbb929a2468d60965355aa6439ec3a0def5542e21168b9758d4
SHA512

eab580367557741796ef2cde05f50445ebab3b2ac806ea9f27986e52b5c824540024bcdcae0e84f1928d485734fde988b8a2b5454fd3ac9ed1ad04a368fa2904
SSDEEP

768:tG6SEFsPa98r5SDw3MiL2xudXWBODP7wSWQ0Y4unLz29:tG6SaKsQYw354udXWBuLZLA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
181c233d721fd7fa6426de8a50014002_JaffaCakes118

Files

181c233d721fd7fa6426de8a50014002_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a8bbe3898641c292f5bd8d2e98692809

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
CreateFileA
CreateToolhelp32Snapshot
DeleteCriticalSection
DuplicateHandle
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FormatMessageA
GetACP
GetConsoleCP
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDriveTypeA
GetLastError
GetModuleFileNameA
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetTempPathA
GetTickCount
GetTimeFormatA
GlobalHandle
GlobalLock
GlobalUnlock
HeapDestroy
HeapFree
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
LeaveCriticalSection
LoadResource
LocalAlloc
LockResource
MapViewOfFile
Module32First
Module32Next
MoveFileExA
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
ReadFile
ReadProcessMemory
ReleaseMutex
SetEndOfFile
SetLastError
SizeofResource
Sleep
UnhandledExceptionFilter
WriteConsoleA
lstrcmpiA
lstrcpyA
lstrlenA

user32

CharUpperA
GetDlgItemTextA
MapWindowPoints
SetTimer

advapi32

CloseServiceHandle
GetUserNameA
RegEnumValueA
RegisterServiceCtrlHandlerA
SetSecurityDescriptorDacl

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: 1024B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8bbe3898641c292f5bd8d2e98692809

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 27KB - Virtual size: 27KB

.DATA Size: 1024B - Virtual size: 9KB

.data Size: 6KB - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 27KB - Virtual size: 27KB

.DATA
Size: 1024B - Virtual size: 9KB

.data
Size: 6KB - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 4KB