f61e85f9f6d0545615a3d9b0c3cf3371_JaffaCakes118

General

Target

f61e85f9f6d0545615a3d9b0c3cf3371_JaffaCakes118
Size

406KB
MD5

f61e85f9f6d0545615a3d9b0c3cf3371
SHA1

e5ea4c567f4bcdd5fae48f002309835f1a9d0a74
SHA256

ac0380e338978d5df83ea2b43abe04558f57f38a94f7fc0cba5ca19454991099
SHA512

842fca41d59b8e7d3ac894ae62ec41201b94d2f5376dedd5680f305d4f8183b31637c3e6cfa2752b013620dddf5c7cde3c46ebf3df086a861575d3b0dd0d9d6e
SSDEEP

12288:aT+lxxt7FeQg9QXK/5aBA6FlMz5AwpPPEJtRcg7+O7wVeKJ:C4lgQKBsAStwVSmZJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f61e85f9f6d0545615a3d9b0c3cf3371_JaffaCakes118

Files

f61e85f9f6d0545615a3d9b0c3cf3371_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fa7391fce863f7c7a42e377615997964

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PrintDlgW

advapi32

RegQueryMultipleValuesA
CryptSetProvParam
CryptCreateHash
RegSetValueW
CryptDestroyHash
RegQueryValueExW
RegSetValueExW
CryptHashData
RegEnumKeyA
InitiateSystemShutdownA
CryptEnumProvidersA
LookupPrivilegeValueW
RegEnumKeyExA
CryptEnumProvidersW
CryptSetProviderW
LookupPrivilegeValueA
CryptGetProvParam
CryptDuplicateHash

kernel32

ExitProcess
VirtualQuery
TerminateProcess
GetStringTypeA
TlsSetValue
GetStringTypeW
TlsGetValue
IsBadWritePtr
GetModuleFileNameA
MultiByteToWideChar
GetLastError
HeapFree
HeapAlloc
GetACP
LCMapStringA
UnhandledExceptionFilter
GetProfileSectionA
HeapReAlloc
GetCurrentThreadId
GetVersion
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
InterlockedExchange
SetLastError
GetCurrentProcessId
TlsAlloc
WideCharToMultiByte
WriteFile
GetModuleHandleA
GetCurrentThread
DeleteCriticalSection
GetSystemTimeAsFileTime
TlsFree
LCMapStringW
HeapCreate
InitializeCriticalSection
LeaveCriticalSection
RtlUnwind
GetStdHandle
FreeEnvironmentStringsA
GetProcAddress
LoadLibraryA
GetCurrentProcess
VirtualFree
EnterCriticalSection
SetHandleCount
GetFileType
CreateFileW
FreeEnvironmentStringsW
WritePrivateProfileSectionW
GetFileSize
QueryPerformanceCounter
GetCommandLineA
GetTickCount
CreateSemaphoreW
GetEnvironmentStrings
HeapDestroy
VirtualAlloc
GetStartupInfoA

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa7391fce863f7c7a42e377615997964

Headers

File Characteristics

Imports

comdlg32

advapi32

kernel32

Sections

.text Size: 115KB - Virtual size: 114KB

.rdata Size: 3KB - Virtual size: 28KB

.data Size: 276KB - Virtual size: 275KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 115KB - Virtual size: 114KB

.rdata
Size: 3KB - Virtual size: 28KB

.data
Size: 276KB - Virtual size: 275KB

.rsrc
Size: 10KB - Virtual size: 10KB