Static task: static1
Behavioral task: behavioral1
Sample: 5f99593b7c1c857a30e6acd3a1e821ac_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 5f99593b7c1c857a30e6acd3a1e821ac_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 5f99593b7c1c857a30e6acd3a1e821ac_JaffaCakes118
Size: 56KB
MD5: 5f99593b7c1c857a30e6acd3a1e821ac
SHA1: 739de4b6825fc002f28cb9974825ea0934469521
SHA256: 7b07361c5387b6f0269cc40c971fad8c8932dc35dc44c1a9fd1b8ed38f840d66
SHA512: e9bc0ca85cc9968d8fcd7148ae321dd4889a600c4acc2205dd976ae6240f1b3f222d7dc20667da8642fbab45c745283a165185e3306af1f405716b405a1db39d
SSDEEP: 768:qPn2pWQ7/NjmYc3uUXlBt8JP/FjXD85zTorW:qPn2pNLYP8JZ8lor
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5f99593b7c1c857a30e6acd3a1e821ac_JaffaCakes118
Files
5f99593b7c1c857a30e6acd3a1e821ac_JaffaCakes118.exe windows:4 windows x86 arch:x86
a4694f6cfb8aa8d4efe95fa977d10810
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVersionExA
TerminateThread
LCMapStringA
SetStdHandle
TerminateProcess
GetModuleFileNameA
GetShortPathNameA
GetEnvironmentVariableA
lstrcpyA
lstrcatA
SetPriorityClass
GetCurrentThread
SetThreadPriority
CreateProcessA
ResumeThread
GetCurrentProcess
GetLastError
Sleep
LCMapStringW
LocalFree
FlushFileBuffers
LoadLibraryA
GetProcAddress
GetOEMCP
RtlUnwind
HeapAlloc
GetCommandLineA
GetVersion
ExitProcess
GetModuleHandleA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
WriteFile
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetFilePointer
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
CloseHandle
user32
wsprintfA
ExitWindowsEx
advapi32
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteKeyA
RegCreateKeyA
GetNamedSecurityInfoA
BuildExplicitAccessWithNameA
SetEntriesInAclA
SetNamedSecurityInfoA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
OpenProcessToken
shell32
ShellExecuteA
netapi32
NetUserEnum
NetApiBufferFree
Sections
.text Size: 32KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE