76912b7816ba21951a3a083277a7eba5_JaffaCakes118

General

Target

76912b7816ba21951a3a083277a7eba5_JaffaCakes118
Size

298KB
MD5

76912b7816ba21951a3a083277a7eba5
SHA1

339952f5e25f973a142e0ac01f14837086f892a5
SHA256

44affddb49abc9f4ad4bd258a83afa7a7a5c81abfe3f3ab47a3f3ac4611aacc1
SHA512

044cc87bb9f556099bccbf8931b9e42643930e6bd67eb7330858f3446d1b04cff8b3d764e2df41f1b5a48a5684e11835ad407bdfa0acdd5b68d31eadde4fae3f
SSDEEP

6144:rHpG/keYEuHk0Wll0GwgkfUT0QgIJitfZkrvoh6son/JFYlN:rHAseYE30WlwcQRGiYjo0n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76912b7816ba21951a3a083277a7eba5_JaffaCakes118

Files

76912b7816ba21951a3a083277a7eba5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5415f2e2d209e422347661ba1fa404d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
DeleteCriticalSection
CloseHandle
WaitForSingleObject
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
LocalFree
LocalAlloc
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
DisableThreadLibraryCalls
QueryPerformanceCounter
GetCurrentThreadId
GetCommandLineA
GetSystemTimeAsFileTime
FreeLibrary
GetLastError
InterlockedIncrement
GetModuleFileNameA
TlsSetValue
TlsGetValue
LoadLibraryA
GetVersionExW
GetUserDefaultLCID
LCMapStringW
CompareStringW
GetProcAddress
lstrlenA
MultiByteToWideChar
GetModuleHandleA
VirtualProtect
GetStartupInfoA
GetCurrentProcessId
GetTickCount

user32

LoadStringW
SendMessageW
GetDlgItem
ShowWindow
SetWindowLongW
EnableWindow
MessageBoxW

advapi32

RegQueryValueExW
RegCloseKey

ole32

CoSetProxyBlanket
CoCreateInstance
CoTaskMemFree

msvcrt

_wcsnicmp
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_initterm
__getmainargs
_controlfp
__CxxFrameHandler
_except_handler3
free
_wtoi64
_adjust_fdiv
_amsg_exit
memcpy
memset
_acmdln
iswdigit
sprintf
_exit
_XcptFilter
exit

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 265KB - Virtual size: 530KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5415f2e2d209e422347661ba1fa404d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 265KB - Virtual size: 530KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 265KB - Virtual size: 530KB

.rsrc
Size: 1KB - Virtual size: 1KB