19f03da890c35764a583940e103f715a_JaffaCakes118

General

Target

19f03da890c35764a583940e103f715a_JaffaCakes118
Size

67KB
MD5

19f03da890c35764a583940e103f715a
SHA1

416388feefa44e8dd604d474f47fb0f623dde510
SHA256

401c9966a4ce9b02f2ebc5181a5b51ccc70404cb46349650b7452cc6c1dda89f
SHA512

43bdc979bacc74975dde3c55a76d876a7aaafc91ef10632df8964dce62b111799d093ec80a0ba1aefcbf3dea041c131d1a08237c3a0630da9804548336348f7b
SSDEEP

1536:WED2tajZw7ywQaLnollWlS9m60ncaCWZ7FoQ+6nW9sFJTKe:tD2tajhfllWliI39FoX6nWfe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19f03da890c35764a583940e103f715a_JaffaCakes118

Files

19f03da890c35764a583940e103f715a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5d67616d51dfe870c4a0611a61e76369

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationA
SetConsoleNumberOfCommandsW
WaitNamedPipeA
SetCommMask
GetFileSize
GetVolumePathNameA
LoadLibraryW
ExpandEnvironmentStringsW
CopyFileW
GetVolumeInformationA
InterlockedIncrement
UnlockFileEx
WriteFile
GetEnvironmentStringsW
SetUserGeoID
EnumSystemLanguageGroupsA
CreateRemoteThread
EnumSystemLanguageGroupsW
FindFirstChangeNotificationA
LoadLibraryA
CreateHardLinkA
GetProcAddress
ExpandEnvironmentStringsW
LoadLibraryA
WriteTapemark
GetStringTypeA
GetVersion
TzSpecificLocalTimeToSystemTime
ReplaceFile
OpenProfileUserMapping
GetVDMCurrentDirectories
GetConsoleAliasesLengthA
GetExpandedNameW
CancelWaitableTimer
SetFileShortNameA
DeleteAtom
GetConsoleProcessList
GetComputerNameW
GetPrivateProfileSectionNamesA
CreateDirectoryW
CreateIoCompletionPort
Sleep
GlobalHandle
GetModuleHandleExA
SignalObjectAndWait
GetProfileSectionA
NlsGetCacheUpdateCount
lstrcpyA
SetupComm
GetCalendarInfoW
WriteConsoleOutputAttribute
LocalFileTimeToFileTime
Heap32ListFirst
CreateTimerQueueTimer
HeapAlloc

Sections

.text
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d67616d51dfe870c4a0611a61e76369

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 10KB - Virtual size: 12KB

.rdata Size: 45KB - Virtual size: 48KB

.data Size: 6KB - Virtual size: 8KB

.rsrc Size: 5KB - Virtual size: 8KB

.text
Size: 10KB - Virtual size: 12KB

.rdata
Size: 45KB - Virtual size: 48KB

.data
Size: 6KB - Virtual size: 8KB

.rsrc
Size: 5KB - Virtual size: 8KB