69e11ff8eb26e4073339bc8799f9c2b2_JaffaCakes118

General

Target

69e11ff8eb26e4073339bc8799f9c2b2_JaffaCakes118
Size

89KB
MD5

69e11ff8eb26e4073339bc8799f9c2b2
SHA1

4ec579e85372243f040afd4fde2e42581b84cf7a
SHA256

45b2264e0038798c083704d8298fa165258ad181bb04c33d4e0cfed06b14f7b4
SHA512

1884e1d693527361bf88036cd31ae135642da3f814c69a5424611b577b9609777f3c289d5a280ab16cc30d5f63c0ff1ed82c158efd3cf62a65ffda7b2d8c3354
SSDEEP

1536:PnxeuAWfRdcRDEAuB/iMlGhnViOOugTFxHFYuvMtqOTyr6yoL:PxeuASKRQ/q3nVfOJFxH/v6tyr6yoL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69e11ff8eb26e4073339bc8799f9c2b2_JaffaCakes118

Files

69e11ff8eb26e4073339bc8799f9c2b2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5a566dc9df11b2e97f1d72ddc967b78a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
QueryPerformanceCounter
WriteFile
CreateFileA
DeleteFileA
MoveFileA
FindResourceA
GetLastError
lstrcpynA
GetSystemDirectoryA
GetACP
OutputDebugStringA
LockResource
lstrcmpiA
VirtualQuery
FreeLibrary
RaiseException
GetSystemTimeAsFileTime
GetShortPathNameA
IsDBCSLeadByte
InitializeCriticalSection
lstrlenA
GetStartupInfoA
LeaveCriticalSection
GetModuleHandleA
lstrlenW
GetProcAddress
EnterCriticalSection
SetVolumeLabelA
ReadFile
CloseHandle
SetHandleInformation
CreateProcessA
lstrcatA
LoadLibraryExA
GetCurrentProcessId
GetTickCount
WideCharToMultiByte
InterlockedDecrement
SizeofResource
CreatePipe
InterlockedIncrement
MultiByteToWideChar
LoadResource
GetThreadLocale
GetVersionExA
GetThreadContext
DeleteCriticalSection
InterlockedExchange
GetLocaleInfoA
GetModuleFileNameA
ExitProcess

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

user32

CharNextA
wsprintfA
MessageBoxA
LoadStringA

advapi32

OpenProcessToken
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
LookupPrivilegeValueA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lnyh
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 139KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a566dc9df11b2e97f1d72ddc967b78a

Headers

File Characteristics

Imports

kernel32

version

user32

advapi32

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 6KB - Virtual size: 118KB

.lnyh Size: 3KB - Virtual size: 3KB

.edata Size: 139KB - Virtual size: 247KB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 6KB - Virtual size: 118KB

.lnyh
Size: 3KB - Virtual size: 3KB

.edata
Size: 139KB - Virtual size: 247KB