363ea92a38d36795825e3d43c7720d3d_JaffaCakes118

General

Target

363ea92a38d36795825e3d43c7720d3d_JaffaCakes118
Size

793KB
MD5

363ea92a38d36795825e3d43c7720d3d
SHA1

b93f27f625d04a4ed098dd3c57398559fea1988c
SHA256

cff7b0af5e7c199983b17c8a96f1fb796b3606fdaa63b4bed695638dc4639f54
SHA512

86a746780a4e8b15fa95bb034d63998922743c83dcae69ed0b35700b6c994d928b4d4a449ad738518bdd6a9dfbbbee6304a80ff54dc2d6303698b4c64f10a6b8
SSDEEP

12288:75JudTvhm1ZxCPra18QomIYNKdUtx1BE1KRITKr11fjZSbwpLlscv0bvdJhr1:7CRhBDQomD7txHfqEzfj4bwpEbvbT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
363ea92a38d36795825e3d43c7720d3d_JaffaCakes118

Files

363ea92a38d36795825e3d43c7720d3d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d1c720f99fbb8457e3dd0f667da8de7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
InterlockedExchange
GetProcAddress
LeaveCriticalSection
TlsGetValue
FreeLibrary
FlushFileBuffers
GetFullPathNameA
VirtualProtect
InitializeCriticalSection
DeleteCriticalSection
GetThreadLocale
EnterCriticalSection
ExitProcess
MultiByteToWideChar
GetSystemTimeAsFileTime
WriteFile
SetFilePointer
GetTempPathA
HeapAlloc
GlobalAlloc
HeapCreate
WideCharToMultiByte
LoadLibraryA
IsDBCSLeadByteEx
GetModuleHandleA
GetFileSize
SetUnhandledExceptionFilter
VirtualQuery
Sleep

user32

CharLowerBuffA

secur32

QuerySecurityPackageInfoA

wldap32

ord40

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xyue
Size: 728KB - Virtual size: 727KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 5.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1c720f99fbb8457e3dd0f667da8de7f

Headers

File Characteristics

Imports

kernel32

user32

secur32

wldap32

Sections

.text Size: 8KB - Virtual size: 8KB

.xyue Size: 728KB - Virtual size: 727KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 15KB - Virtual size: 5.8MB

.CRT Size: 512B - Virtual size: 8B

.tls Size: 512B - Virtual size: 57B

.rsrc Size: 13KB - Virtual size: 13KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 8KB

.xyue
Size: 728KB - Virtual size: 727KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 15KB - Virtual size: 5.8MB

.CRT
Size: 512B - Virtual size: 8B

.tls
Size: 512B - Virtual size: 57B

.rsrc
Size: 13KB - Virtual size: 13KB

.reloc
Size: 2KB - Virtual size: 1KB