ef55f44d0ddd30f984284fd2e53d1467_JaffaCakes118

General

Target

ef55f44d0ddd30f984284fd2e53d1467_JaffaCakes118
Size

69KB
MD5

ef55f44d0ddd30f984284fd2e53d1467
SHA1

bd876153aaae88f7baf3a61d2ed71bf59926d05a
SHA256

1891a010b511c7cecdef916b5ca9e2801529a6b3f667be12aaba852afb035599
SHA512

dc516a066917b7138026115b05810f04d45ba82b151634bd41137f8d05df29937023f2171744b9763325b634b43681017fa1e95501ebae4a480dcbd0e1f1b500
SSDEEP

1536:a+jQdyabFZEPjKzI/nmKveNfs3Z1Hhakh+6VxK9YJR/:akQ/xZEP+z+mKveNk3TwkhxV4aD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef55f44d0ddd30f984284fd2e53d1467_JaffaCakes118

Files

ef55f44d0ddd30f984284fd2e53d1467_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a12b19ac8f6a6c8ddfeda4f4a59b9851

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
CloseHandle
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
EnterCriticalSection
LeaveCriticalSection
SetLastError
CreateEventW
CreateThread
GetCurrentThread
InitializeCriticalSection
GetComputerNameW
WaitForSingleObjectEx
Sleep
InterlockedDecrement
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
InterlockedCompareExchange
InterlockedExchange
MultiByteToWideChar
SetWaitableTimer
HeapFree
HeapAlloc
HeapDestroy
FreeLibraryAndExitThread
GlobalFree
GlobalAlloc
WaitForSingleObject
DeleteCriticalSection
SetEvent
InterlockedIncrement
GetVersion
GetCommandLineA
VirtualProtect
GetSystemTimeAsFileTime
GetTickCount

advapi32

RegOpenKeyExW
ImpersonateLoggedOnUser
RevertToSelf
OpenThreadToken
RegCloseKey

ole32

StringFromGUID2

msvcrt

_amsg_exit
__CxxFrameHandler
_except_handler3
memcpy
iswupper
_CxxThrowException
malloc
_XcptFilter
_adjust_fdiv
_initterm
free
_local_unwind2
strncpy
wcslen
wcscpy
strncmp

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a12b19ac8f6a6c8ddfeda4f4a59b9851

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

msvcrt

Sections

.text Size: 27KB - Virtual size: 27KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 34KB - Virtual size: 67KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 34KB - Virtual size: 67KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB