5cc23a5dff34f4b8431e4ce3dd8ed51a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5cc23a5dff34f4b8431e4ce3dd8ed51a_JaffaCakes118
Size

604KB
MD5

5cc23a5dff34f4b8431e4ce3dd8ed51a
SHA1

c277a3263001d47d55c0cb8c7ba009556395cd2c
SHA256

25477a857ad07267c127356fac71793a1db31dd15450388344d6f2920f0bf28c
SHA512

69aff30c160135b576d047dcab948c5e1aea57093c2f5a56fddad9725f4b1e31ee220ef7dd291a658dd811344142a7779a139eb221bcdec7c133d3249ac9b71c
SSDEEP

12288:FdmfQLtFcRHY1YzTlCxBMRhIkWO23eDpaIOPegl5d6vY6r2cv:jmfotF6W0W/3WpaIOvyw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cc23a5dff34f4b8431e4ce3dd8ed51a_JaffaCakes118

Files

5cc23a5dff34f4b8431e4ce3dd8ed51a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22c35f9a89452424a35962824e0f25c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
GetVersionExA
GetPrivateProfileStringA
WritePrivateProfileStringA
CreateFileA
WriteFile
CloseHandle
GetShortPathNameA
SetFilePointer
LoadLibraryA
GetProcAddress
FreeLibrary
DeleteFileA
MoveFileA
GetWindowsDirectoryA
CreateDirectoryA
GetModuleFileNameA
GetLogicalDriveStringsA
GetVolumeInformationA
GetLocaleInfoA
GetDateFormatA
GetTimeFormatA
GetFileAttributesA
lstrlenW
lstrlenA
GetTickCount
MultiByteToWideChar
GetLastError
InterlockedIncrement
InterlockedDecrement
FlushFileBuffers
GetACP
InterlockedExchange
WideCharToMultiByte
FindResourceExA
LoadResource
LockResource
SizeofResource
FindResourceA
GetSystemTime
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
SetStdHandle
RtlUnwind
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
ExitProcess
GetOEMCP
GetCPInfo
TlsFree
SetLastError
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
VirtualProtect
GetSystemInfo
VirtualQuery
RaiseException

advapi32

RegQueryValueExA
RegEnumKeyExA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey

ole32

StringFromGUID2

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 484KB - Virtual size: 487KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

22c35f9a89452424a35962824e0f25c1

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

oleaut32

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 484KB - Virtual size: 487KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 484KB - Virtual size: 487KB