a92b08d68e39aa2f60d46470c1eb031e_JaffaCakes118

General

Target

a92b08d68e39aa2f60d46470c1eb031e_JaffaCakes118
Size

437KB
MD5

a92b08d68e39aa2f60d46470c1eb031e
SHA1

bf2254ef804e4360bd894e5a8a4e806d7a73af53
SHA256

855417d77a9fa17461849e27d8eed6dd2f4b95de5313a6dccb206fc5657714e0
SHA512

edac6c7da6b314ffa460bc1e690e68533127195b31b32b4f798a490efc0adaf35ce9e0dddc88d2672632feec6ae5decf6f06eb67d37abe0b9a37d142e995b281
SSDEEP

6144:9uisOIqv2bsWAxuM81eZwuts0iAXaJ5aJbnzydUERm15Jtqwodi/HRQoSp71RzrV:UisOl2exuMYcDtSe7zyjYnj7Ko4DwVm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a92b08d68e39aa2f60d46470c1eb031e_JaffaCakes118

Files

a92b08d68e39aa2f60d46470c1eb031e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a724302df1e20dc2378d1e9070bc0f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
InitializeCriticalSection
InterlockedIncrement
SetUnhandledExceptionFilter
GetProcAddress
IsDebuggerPresent
HeapReAlloc
TlsAlloc
EnterCriticalSection
GetStringTypeA
GetCurrentProcessId
TlsGetValue
ResumeThread
GetFileType
TlsSetValue
GetModuleHandleA
IsValidCodePage
CreateMutexW
UnhandledExceptionFilter
MultiByteToWideChar
GetModuleFileNameW
WideCharToMultiByte
FreeEnvironmentStringsW
GetVersionExA
LCMapStringA
GetDiskFreeSpaceExA
GetStartupInfoW
DebugActiveProcess
FormatMessageW
ExitProcess
GetTickCount
GetEnvironmentStringsW
TlsFree
HeapFree
GetCommandLineA
GetModuleFileNameA
GetTimeZoneInformation
LoadLibraryA
QueryPerformanceCounter
GetCPInfo
VirtualAlloc
GetLastError
EnumSystemLocalesA
WriteFile
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetCurrentThread
GetLocaleInfoA
GetProcessHeap
SetEnvironmentVariableA
VirtualFree
InterlockedDecrement
FreeLibrary
GetSystemTimeAsFileTime
GetDateFormatA
CompareStringA
GlobalAddAtomA
GetEnvironmentStrings
GetLocaleInfoW
SetCurrentDirectoryA
SetLastError
LCMapStringW
GetUserDefaultLCID
FreeEnvironmentStringsA
GetOEMCP
SetHandleCount
SetFileAttributesA
HeapSize
Sleep
GetStartupInfoA
GetCommandLineW
InterlockedExchange
GetStringTypeW
GetStdHandle
GetACP
LeaveCriticalSection
DeleteCriticalSection
CompareStringW
IsValidLocale
HeapDestroy
HeapAlloc
SetConsoleCtrlHandler
GetFullPathNameW
lstrcatW
HeapCreate
VirtualQuery

advapi32

RegQueryMultipleValuesA
RegCreateKeyW
CreateServiceW
LogonUserW
RegSaveKeyA
RegOpenKeyW
CryptDuplicateKey
CryptEnumProviderTypesW

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 306KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a724302df1e20dc2378d1e9070bc0f0

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 147KB - Virtual size: 146KB

.data Size: 281KB - Virtual size: 306KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 147KB - Virtual size: 146KB

.data
Size: 281KB - Virtual size: 306KB

.rsrc
Size: 8KB - Virtual size: 8KB