23c331a959b40694e692d9825624e393_JaffaCakes118

General

Target

23c331a959b40694e692d9825624e393_JaffaCakes118
Size

422KB
MD5

23c331a959b40694e692d9825624e393
SHA1

f5a199ed8d80fbd2c529d0e44ee6d65e40fadaef
SHA256

f27f7cea6458ad078b71908a655d6a8d7d3bc287b8d407089270221d8699668a
SHA512

4c6eb504219af7ec5752523e677948676b4b32e72a484d9fc5fd190799df1f62893e953c4798b4e1ccc18f05911bd2d172366fd478e3145d535070c9bb926878
SSDEEP

12288:xN9TXHyIkksAQBmaT0ZS57lN7N6RjlyzR:xNJ3yIjwmgNUyt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23c331a959b40694e692d9825624e393_JaffaCakes118

Files

23c331a959b40694e692d9825624e393_JaffaCakes118
.exe windows:4 windows x86 arch:x86

85141d21fe4f1b0a05eb4f4de7e90ba9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenSemaphoreA
GetUserDefaultLangID
GetCurrentThread
OpenWaitableTimerA
QueryPerformanceCounter
HeapLock
HeapAlloc
LoadLibraryA
SetLastError
ExitProcess
SleepEx
GetLongPathNameA
GetDriveTypeA
GetStartupInfoW
InterlockedExchange
GetTickCount
GetConsoleTitleA
GetModuleHandleA
GetProcessShutdownParameters
ReleaseSemaphore
RtlUnwind
FileTimeToDosDateTime
GetModuleFileNameA
HeapReAlloc
LocalLock
GetCurrentThreadId
VirtualAlloc
EnumTimeFormatsA
GetProcAddress
GetTimeFormatA
GetCurrentProcess
HeapFree
ReadConsoleOutputA
lstrcpy
CreateFileMappingW
GetCommandLineA
VirtualQuery
Sleep
CloseHandle
GetSystemTimeAsFileTime
MoveFileA
GetCurrentProcessId
GetSystemTime
TerminateProcess

comdlg32

PageSetupDlgA
GetOpenFileNameA
GetOpenFileNameW
FindTextW

advapi32

LookupPrivilegeValueW
CryptAcquireContextW
RegDeleteValueW
CryptGenKey
LookupPrivilegeDisplayNameW

shell32

SHQueryRecycleBinA
ShellExecuteW
ShellAboutW
SHFileOperationW
SHAppBarMessage
SHQueryRecycleBinW
SHAddToRecentDocs
DragQueryFileW
CheckEscapesW
SHEmptyRecycleBinA
ShellExecuteExA
ExtractAssociatedIconExW
SHGetFileInfoA

Sections

.text
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85141d21fe4f1b0a05eb4f4de7e90ba9

Headers

File Characteristics

Imports

kernel32

comdlg32

advapi32

shell32

Sections

.text Size: 146KB - Virtual size: 145KB

.data Size: 265KB - Virtual size: 265KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 146KB - Virtual size: 145KB

.data
Size: 265KB - Virtual size: 265KB

.rsrc
Size: 10KB - Virtual size: 9KB