32f53482b24c16149f47b21c9d74b1cd_JaffaCakes118

General

Target

32f53482b24c16149f47b21c9d74b1cd_JaffaCakes118
Size

51KB
MD5

32f53482b24c16149f47b21c9d74b1cd
SHA1

446069e726b1affadbd294de532811f2c2566f6c
SHA256

316f36aedd9e7c569f3940f0a27bca6c93c0bc2b079347e65a5c6bfc7f1773a1
SHA512

91a506b56e30982953295d034b4f34cf2ea1baa7da9101bf965d604900368b4fb2567865cb7ed0eda59726e13220c65aa725114352a297c9e7d9e9b099276924
SSDEEP

768:v25LRu5T9Up1IlQV7QcRwHc4lopRN+R5+JxJv4xBEu6onsXKhX:v25LRrIlQV8UwHdqpr+R5+JxJwxBua5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32f53482b24c16149f47b21c9d74b1cd_JaffaCakes118

Files

32f53482b24c16149f47b21c9d74b1cd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

86b1f91bc4d6cb394a255d671fff21c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
lstrcpynW
InterlockedIncrement
GetSystemTimeAsFileTime
GetCurrentProcessId
InterlockedCompareExchange
QueryPerformanceCounter
InterlockedExchange
DisableThreadLibraryCalls
GetCurrentThreadId
GetCurrentProcess
lstrcmpiW
GetVersion
VirtualProtect
GetTickCount
lstrlenW
GetCommandLineA

user32

CharNextW

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegDeleteKeyW
RegCloseKey

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance

msvcrt

_XcptFilter
_adjust_fdiv
_initterm
realloc
__CxxFrameHandler
_except_handler3
free
malloc
iswspace

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86b1f91bc4d6cb394a255d671fff21c7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 33KB - Virtual size: 65KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 836B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 33KB - Virtual size: 65KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 836B