ef32528512d99ec07ef555817af8105a_JaffaCakes118

General

Target

ef32528512d99ec07ef555817af8105a_JaffaCakes118
Size

453KB
MD5

ef32528512d99ec07ef555817af8105a
SHA1

52ceddafe5033d55a57bf676350fc4a46077dfe5
SHA256

e0480eeedfe3e656e99fb7d0f248ce7229acd76e9ee1f270c6511222e01fac8f
SHA512

2bc649682951c59e43469102d3963f5e6aa97de30795de74138e1a392f383cb387b99f25eff2186a1b417bffeb61305ee7b9f73e0757729ecd0d3cb897dd06eb
SSDEEP

12288:Rpd3BohklFDxBbyXcQVCbuY+ozyke1D/wM/2Zj//1T:RLBohkttXbbQozKD/H+Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef32528512d99ec07ef555817af8105a_JaffaCakes118

Files

ef32528512d99ec07ef555817af8105a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

512ff8cf0c50493b8f10ab3c868994c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
HeapDestroy
InitializeCriticalSection
Sleep
GetProcAddress
InterlockedDecrement
HeapReAlloc
TlsFree
DeleteCriticalSection
GetStartupInfoA
GetCurrentProcessId
TlsSetValue
GetThreadTimes
GetDateFormatA
UnhandledExceptionFilter
GetModuleHandleA
IsDebuggerPresent
MapViewOfFileEx
VirtualFree
SetConsoleCtrlHandler
GetFileType
WriteFile
EnumSystemLocalesA
GetTimeZoneInformation
LCMapStringW
SetCurrentDirectoryW
GetOEMCP
ReadConsoleOutputAttribute
CompareFileTime
ExitProcess
GetTickCount
InitializeCriticalSectionAndSpinCount
TlsGetValue
HeapFree
GetACP
GetModuleFileNameA
GetStringTypeW
LoadLibraryA
QueryPerformanceCounter
FreeLibrary
VirtualAlloc
IsValidCodePage
EnterCriticalSection
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetCPInfo
GetEnvironmentStrings
GetLocaleInfoA
SetHandleCount
WideCharToMultiByte
HeapSize
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetCommandLineA
DeleteFileW
LocalCompact
GetCurrentThread
GetEnvironmentStringsW
InterlockedIncrement
SetUnhandledExceptionFilter
LeaveCriticalSection
GetTimeFormatA
SetFilePointer
GetLastError
SetLastError
RemoveDirectoryW
HeapCreate
TlsAlloc
GetLocaleInfoW
LoadModule
InterlockedExchange
GetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
MultiByteToWideChar
CompareStringW
CompareStringA
IsValidLocale
GetVersionExA
HeapAlloc
SetEnvironmentVariableA
LCMapStringA
SetConsoleCursorInfo
GetUserDefaultLCID

advapi32

CryptGetDefaultProviderW
CryptAcquireContextA
RegDeleteValueA
CreateServiceA
RegFlushKey

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

512ff8cf0c50493b8f10ab3c868994c0

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 172KB - Virtual size: 172KB

.data Size: 276KB - Virtual size: 282KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 172KB - Virtual size: 172KB

.data
Size: 276KB - Virtual size: 282KB

.rsrc
Size: 3KB - Virtual size: 2KB