3e2f54ec1b7a94d11de9342768edaacb_JaffaCakes118

General

Target

3e2f54ec1b7a94d11de9342768edaacb_JaffaCakes118
Size

77KB
MD5

3e2f54ec1b7a94d11de9342768edaacb
SHA1

a0c57fd24183052bdb41162efb451edaf3ebfae7
SHA256

4614a1b54e2dbb901ceb9c308d610279f3a2e6990fd0d4063dd9ef44a7c50724
SHA512

2de4cf1d15e26d8dd4118803e882d225d5a437cdcf66cc064840f12c74be246dc91f6ff0ad5bacf08ad2d575e857122df59a54a541fcbcc52997dfb78eb7c207
SSDEEP

1536:PnxeuAWfRdcRDEAuB/iMlGhnViOOugTFxHFYuvMtZ:PxeuASKRQ/q3nVfOJFxH/v6Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e2f54ec1b7a94d11de9342768edaacb_JaffaCakes118

Files

3e2f54ec1b7a94d11de9342768edaacb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5a566dc9df11b2e97f1d72ddc967b78a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
QueryPerformanceCounter
WriteFile
CreateFileA
DeleteFileA
MoveFileA
FindResourceA
GetLastError
lstrcpynA
GetSystemDirectoryA
GetACP
OutputDebugStringA
LockResource
lstrcmpiA
VirtualQuery
FreeLibrary
RaiseException
GetSystemTimeAsFileTime
GetShortPathNameA
IsDBCSLeadByte
InitializeCriticalSection
lstrlenA
GetStartupInfoA
LeaveCriticalSection
GetModuleHandleA
lstrlenW
GetProcAddress
EnterCriticalSection
SetVolumeLabelA
ReadFile
CloseHandle
SetHandleInformation
CreateProcessA
lstrcatA
LoadLibraryExA
GetCurrentProcessId
GetTickCount
WideCharToMultiByte
InterlockedDecrement
SizeofResource
CreatePipe
InterlockedIncrement
MultiByteToWideChar
LoadResource
GetThreadLocale
GetVersionExA
GetThreadContext
DeleteCriticalSection
InterlockedExchange
GetLocaleInfoA
GetModuleFileNameA
ExitProcess

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

user32

CharNextA
wsprintfA
MessageBoxA
LoadStringA

advapi32

OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
LookupPrivilegeValueA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lnyh
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 139KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a566dc9df11b2e97f1d72ddc967b78a

Headers

File Characteristics

Imports

kernel32

version

user32

advapi32

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 6KB - Virtual size: 118KB

.lnyh Size: 3KB - Virtual size: 3KB

.edata Size: 139KB - Virtual size: 247KB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 6KB - Virtual size: 118KB

.lnyh
Size: 3KB - Virtual size: 3KB

.edata
Size: 139KB - Virtual size: 247KB