5b1c0a25970165fc67080ad4d656c1b2_JaffaCakes118

General

Target

5b1c0a25970165fc67080ad4d656c1b2_JaffaCakes118
Size

73KB
MD5

5b1c0a25970165fc67080ad4d656c1b2
SHA1

22365cf8c51274af152e4e3ff1be70f04616208c
SHA256

829013676facd9c6f560adf79d6c98b2e3a35877edd9dd61a772a1f902494043
SHA512

429f2fbfd5eaec4ba621ab1d304b937e7b960f1faaa9496df060db72b8fbcfd73e5bd55948f72fcbe7acd2c83990d40e4d36714814a9542df75e9986063c9398
SSDEEP

1536:odYaQTIvDILtcV1m6tIO7nToIfvqi8EVOKGJ4jUo3NcB:obQTSecXbTBfvqirGJ4/OB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b1c0a25970165fc67080ad4d656c1b2_JaffaCakes118

Files

5b1c0a25970165fc67080ad4d656c1b2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

484b21946ef89341e9b444fe5a3d6a96

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
CreateThread
GetComputerNameA
GetVolumeInformationA
ReleaseMutex
DeleteFileA
MoveFileExA
GetFileSize
GetEnvironmentVariableA
CreateToolhelp32Snapshot
CreateMutexA
GetCurrentProcess
SleepEx
CopyFileA
CloseHandle
GetVersionExA
Sleep
GetSystemTime
LoadLibraryA
GetProcAddress
FreeLibrary
GetLastError
LocalFree
FindClose
lstrlenA
FormatMessageA
GetCurrentProcessId
GetModuleHandleA
GetLocalTime
GetModuleFileNameA

msvcrt

_adjust_fdiv
_initterm
localtime
strftime
_local_unwind2
_except_handler3
_ftol
atoi
strcmp
malloc
memcpy
calloc
free
strcat
strchr
__mb_cur_max
_isctype
_pctype
tolower
strcpy
_vsnprintf
fopen
fprintf
fclose
strncpy
strstr
_snprintf
time
srand
rand
strlen
memset
_stricmp

advapi32

RegEnumKeyExA
LookupAccountSidA
GetTokenInformation
RegOpenKeyExA
RegQueryInfoKeyA
GetUserNameA
RegQueryValueExA
RegCloseKey
OpenProcessToken

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

484b21946ef89341e9b444fe5a3d6a96

Headers

File Characteristics

Imports

kernel32

msvcrt

advapi32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 24KB - Virtual size: 95KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 24KB - Virtual size: 95KB

.reloc
Size: 4KB - Virtual size: 3KB