b7c0f9c7ac541f11f14d9a40e4bb40dc_JaffaCakes118

General

Target

b7c0f9c7ac541f11f14d9a40e4bb40dc_JaffaCakes118
Size

106KB
MD5

b7c0f9c7ac541f11f14d9a40e4bb40dc
SHA1

fc9de9f612576b1724684a7d19a55fbc0323acf2
SHA256

3720c7b219b4939d8200600d9a47417149924a7dfd001d5ab48ff3f1802c4689
SHA512

15a8562d26711b748b0b97ec142ff47be3fbe9760b88d2ebc27d3852b3715ff121695503486dd9b1ce650205217a75c617aa9c09767a4a16598a48f223388087
SSDEEP

1536:mxJgyD+NXyy1X2QpURlwJviKpC7Q+NB8H+oZJni48AvLP2H7dUiapTmYzW:mxuyqXy81pVJviKpC7Q+NBa9/ngtU6f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7c0f9c7ac541f11f14d9a40e4bb40dc_JaffaCakes118

Files

b7c0f9c7ac541f11f14d9a40e4bb40dc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bb7153d2d9e3c43a71de41f7cc66e439

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
SetHandleInformation
GetVersionExA
lstrlenW
MoveFileA
Sleep
GetModuleFileNameA
GetShortPathNameA
WriteFile
GetSystemTimeAsFileTime
GetCurrentThreadId
SizeofResource
FindResourceA
GetProcAddress
lstrcpynA
GetTickCount
LoadLibraryExA
LeaveCriticalSection
lstrcatA
GetSystemDefaultLangID
EnterCriticalSection
CloseHandle
ExitProcess
VirtualQuery
MultiByteToWideChar
DeleteFileA
RaiseException
QueryPerformanceCounter
LockFileEx
ReadFile
lstrcmpiA
CreateFileA
WideCharToMultiByte
IsDBCSLeadByte
lstrlenA
GetCurrentProcessId
GetStartupInfoA
LockResource
GetLocaleInfoA
GetModuleHandleA
CreateProcessA
InitializeCriticalSection
InterlockedIncrement
CreatePipe
GetACP
SetFileAttributesA
GetThreadLocale
LoadResource
InterlockedExchange
GetSystemDirectoryA
OutputDebugStringA
GetLastError
DeleteCriticalSection
InterlockedDecrement

user32

MessageBoxA
LoadStringA
wsprintfA
CharNextA

advapi32

RegQueryValueExA
RegCloseKey
OpenProcessToken
RegOpenKeyExA
LookupPrivilegeValueA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gdkg
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 139KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb7153d2d9e3c43a71de41f7cc66e439

Headers

File Characteristics

Imports

kernel32

user32

advapi32

version

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 118KB

.gdkg Size: 3KB - Virtual size: 3KB

.edata Size: 139KB - Virtual size: 263KB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 118KB

.gdkg
Size: 3KB - Virtual size: 3KB

.edata
Size: 139KB - Virtual size: 263KB