5e192d59450f5ada7ea858703dc1e443_JaffaCakes118

General

Target

5e192d59450f5ada7ea858703dc1e443_JaffaCakes118
Size

297KB
MD5

5e192d59450f5ada7ea858703dc1e443
SHA1

e7bce2793d8663d7beee0fcc9810c91c6a46f6d2
SHA256

4fe96ee37f0c28cdb4831b4c984a3724f8519e9af7fd3558f70f3b446aa66936
SHA512

613237f7c734f0a0260b2c9b16a21f64ac577da0e2508209315c2adcd7f225dd09a7fba5342107291617ef7742d14cfb4f0c769d21fd193707770935b6dbb04a
SSDEEP

6144:dYI+gZeSkLlOOqz5c7K9hhTmMpujG4QDdk5h+CqGiiv8c2ATMn:dYxgBaltq1cwhhDIjGzhk5viivH2iMn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e192d59450f5ada7ea858703dc1e443_JaffaCakes118

Files

5e192d59450f5ada7ea858703dc1e443_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ccac2d89d4fd96ad27de6a0e9a311ddb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetProcAddress
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
CloseHandle
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetFileType
CreateFileA
GetCurrentProcessId
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
WriteFile
SetStdHandle
FlushFileBuffers
InterlockedDecrement
InterlockedIncrement
SetEndOfFile
ReadFile
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

advapi32

RegOpenKeyExA
RegQueryValueExA
SystemFunction002
RegCloseKey

shlwapi

StrStrIA

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 232KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccac2d89d4fd96ad27de6a0e9a311ddb

Headers

File Characteristics

Imports

kernel32

advapi32

shlwapi

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 5KB - Virtual size: 11KB

.rsrc Size: 232KB - Virtual size: 231KB

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 5KB - Virtual size: 11KB

.rsrc
Size: 232KB - Virtual size: 231KB