962a11374174d77963dcf576772787a7_JaffaCakes118

General

Target

962a11374174d77963dcf576772787a7_JaffaCakes118
Size

254KB
MD5

962a11374174d77963dcf576772787a7
SHA1

d35ec13491e166e6cff85e32eb11270582318960
SHA256

3d5d789450612f2991099da8bf95e9a95bf715409bdc99b877bf0014b0fdc50e
SHA512

3fd070027394e11b3f7ebe106fee251c7a473766e794328c266986005c78b9e9dd0d159cd06c3e63350b1256896890e256cd91bb8e58d39c715c38761176737a
SSDEEP

3072:vPdyTJYf3X7k7m91MF9IwoEg3gtQ0UNUoXQSWpDEXBebSs0cUJcZhJq+0oav5Q:vPM28bIwdOBNRQjgBoS22cZhJt0d5Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
962a11374174d77963dcf576772787a7_JaffaCakes118

Files

962a11374174d77963dcf576772787a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

87e751869a18dd118a92b01af6e275b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
EnterCriticalSection
LocalFree
GetProcAddress
lstrcatA
lstrcpyA
lstrcpynA
GetFileAttributesA
GetDriveTypeA
CloseHandle
CreateProcessA
FreeLibrary
ResetEvent
LoadLibraryA
lstrlenA
WaitForSingleObject
GetLastError
CreateEventA
SetLastError
GetSystemDirectoryA
CompareFileTime
GetSystemTimeAsFileTime
GetTickCount
SystemTimeToFileTime
GetSystemTime
lstrcmpiA
Sleep
GetVersionExA
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
DebugBreak
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
GetCommandLineA
ExitProcess
GetModuleFileNameA
GetStartupInfoA

user32

SetWindowsHookExA
MsgWaitForMultipleObjects
PeekMessageA
TranslateMessage
DispatchMessageA
UnhookWindowsHookEx
wsprintfA
CharNextA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegFlushKey
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumKeyExA
RegNotifyChangeKeyValue
RegCloseKey

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

87e751869a18dd118a92b01af6e275b3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

version

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 13KB

.rsrc Size: 72KB - Virtual size: 72KB

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 13KB

.rsrc
Size: 72KB - Virtual size: 72KB