5c645a6a430a7a585d70b36df26bd4e3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5c645a6a430a7a585d70b36df26bd4e3_JaffaCakes118
Size

423KB
MD5

5c645a6a430a7a585d70b36df26bd4e3
SHA1

563d966099b9f49bd8a60de6ed92d202d2267091
SHA256

96cb87c53d56f41ec48ec60127f184bd768c1ec044551bb82b85d15c4c037215
SHA512

e4c0a707d19c5f0fdd983ef391cb2c89ee62eaf232ea20c7c3ac594df624ffa18c14134a77c1e829d3056975ada47af9b6fbeba5b473607165c7109f5d1226b3
SSDEEP

12288:XswKlpC+XfSg8kPbEyx3u71PlPJyRw4uJIaav2:9lMfLVPbEuCom4ut

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c645a6a430a7a585d70b36df26bd4e3_JaffaCakes118

Files

5c645a6a430a7a585d70b36df26bd4e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b9f4b232c843b813d712935ddf754dc2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
GetStartupInfoA
VirtualFree
IsDebuggerPresent
GetProcAddress
GetStringTypeW
HeapReAlloc
IsValidLocale
WaitForDebugEvent
GetDateFormatA
GetCurrentProcessId
LCMapStringW
LocalFree
EnterCriticalSection
LeaveCriticalSection
SetLastError
GetTimeFormatA
VirtualUnlock
MultiByteToWideChar
SetUnhandledExceptionFilter
WideCharToMultiByte
SetEnvironmentVariableA
FillConsoleOutputAttribute
GetLocaleInfoA
GetUserDefaultLCID
ReadConsoleOutputA
GetCommandLineA
EnumResourceTypesW
UnhandledExceptionFilter
ExitProcess
GetTickCount
SetFileTime
LCMapStringA
HeapFree
SetConsoleCursorInfo
GetModuleFileNameA
GetFileType
LoadLibraryA
QueryPerformanceCounter
GetExitCodeThread
VirtualAlloc
ReadConsoleInputA
ReadConsoleA
SetHandleCount
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
TlsFree
CompareStringA
EnumSystemLocalesA
GetACP
InitializeCriticalSection
SetConsoleCtrlHandler
GetStdHandle
SetWaitableTimer
GetSystemTimeAsFileTime
CompareStringW
FreeLibraryAndExitThread
InterlockedCompareExchange
DeleteCriticalSection
FreeEnvironmentStringsA
GlobalHandle
InterlockedIncrement
GetVersionExA
TlsAlloc
WritePrivateProfileStringA
FreeLibrary
InterlockedDecrement
TlsGetValue
GetProcessHeap
IsValidCodePage
GetCPInfo
CreateNamedPipeW
InterlockedExchange
GetEnvironmentStrings
Sleep
lstrcat
HeapCreate
MoveFileExW
GetSystemDefaultLangID
GetTimeZoneInformation
GetOEMCP
HeapAlloc
HeapSize
WaitForSingleObjectEx
WriteFileEx
GetLocaleInfoW
VirtualQuery
GetModuleHandleA
HeapDestroy
GetCurrentThread
GetLastError
RtlUnwind
WriteFile
TlsSetValue
OpenEventW
GetStringTypeA
FreeEnvironmentStringsW
GetConsoleCursorInfo

advapi32

LogonUserA
RegReplaceKeyA
RegQueryValueExA
RegOpenKeyW
CryptEnumProvidersA
RegEnumKeyA
LogonUserW
CryptSignHashW
RegQueryMultipleValuesW
CryptGetDefaultProviderW
RegConnectRegistryW
CryptSetKeyParam
LookupSecurityDescriptorPartsW
CryptCreateHash
CryptDuplicateHash
RegQueryValueExW
CryptSetProviderExW
RegFlushKey
RevertToSelf
GetUserNameA

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9f4b232c843b813d712935ddf754dc2

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 139KB - Virtual size: 139KB

.data Size: 275KB - Virtual size: 288KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 139KB - Virtual size: 139KB

.data
Size: 275KB - Virtual size: 288KB

.rsrc
Size: 7KB - Virtual size: 6KB