5e0e97f9042922528b45985e24ecb3b2_JaffaCakes118

General

Target

5e0e97f9042922528b45985e24ecb3b2_JaffaCakes118
Size

194KB
MD5

5e0e97f9042922528b45985e24ecb3b2
SHA1

01cb1545b82688a4c3be739fdb28db3e0a9df910
SHA256

adccd754bfa06d9bafea47798d30076a758d2206f6461e80cae3cc56c2b9fb6a
SHA512

30beeb363c04a1a6de2e287c159e513c53ff36415d5b00ca40986280af97a4de0dbf16c31374e9854853bf883309994867c96e9704a09f5807c90fa799e7a1a7
SSDEEP

3072:zMhr8NJTJdzM0NuYL6NrOsCzRIqD3CASS3uQB7:Wr8NFfzM0Nj6S5aqzRSSb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e0e97f9042922528b45985e24ecb3b2_JaffaCakes118

Files

5e0e97f9042922528b45985e24ecb3b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a1337f58b90439ed36609a4d1b1d2d97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
FreeResource
lstrlenA
CreateThread
SizeofResource
CreateFileW
LoadResource
FindResourceW
GetCurrentProcess
GetFileAttributesW
GetSystemDirectoryW
lstrcatW
ExitProcess
CreateMutexA
GetLastError
ReleaseMutex
CloseHandle
lstrcpyA
DeleteFileW
GetModuleFileNameA
lstrlenW
Sleep
VirtualAllocEx
VirtualProtectEx
GetModuleHandleW
WriteProcessMemory
LoadLibraryW
GetProcAddress
WriteFile
VirtualQueryEx

user32

LoadIconW
LoadCursorW
RegisterClassExW
CreateWindowExW
UpdateWindow
GetMessageW
TranslateMessage
DispatchMessageW
FindWindowW
ShowWindow
SendMessageW
DefWindowProcW

advapi32

RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegRestoreKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCreateKeyExW
CreateServiceW
CloseServiceHandle
DeleteService
OpenServiceW
OpenSCManagerW
StartServiceW
ChangeServiceConfigW
RegDeleteValueW

msvcrt

fread
ftell
fseek
fclose
fopen
strstr
strchr
_except_handler3
realloc
malloc
??2@YAPAXI@Z

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1337f58b90439ed36609a4d1b1d2d97

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1KB - Virtual size: 7KB

.rsrc Size: 183KB - Virtual size: 183KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1KB - Virtual size: 7KB

.rsrc
Size: 183KB - Virtual size: 183KB