005ca37730e0349193359d64132cdeb4_JaffaCakes118

General

Target

005ca37730e0349193359d64132cdeb4_JaffaCakes118
Size

92KB
MD5

005ca37730e0349193359d64132cdeb4
SHA1

0d06c5c13975b5f24d6f57d56478ead01b60fc18
SHA256

a0a1171fb28245c08903f8fbaca66ff5b1ed7135bdffaab880f162869397dec1
SHA512

ed07fd2faeb2ae40dd75efa75735d25bd91ce74afe07bb6b690936a8e7a592f7ac520f72cb0ad8d44c6342fa287398168be3606fdd639c50115e36832e0aba67
SSDEEP

1536:PoV/r21vfnONjATp87yEIiZ4aUM5rB5ihe2INe9CtgbubBioQ:PoV/r+vfnONCEjbUirvipOjio

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
005ca37730e0349193359d64132cdeb4_JaffaCakes118

Files

005ca37730e0349193359d64132cdeb4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

533bc130e782aa50e4698c596421226f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
ReadFile
SetFilePointer
QueryPerformanceCounter
QueryPerformanceFrequency
CreateThread
DeviceIoControl
GetProcAddress
MulDiv
CloseHandle
GlobalFree
GlobalAlloc
OutputDebugStringA
SetThreadPriority
GetCurrentThread
WaitForMultipleObjects
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
CreateEventA
RaiseException
HeapAlloc
HeapReAlloc
GetVersion
GetCPInfo
ExitProcess
IsBadCodePtr
IsBadWritePtr
VirtualAlloc
SetUnhandledExceptionFilter
WriteFile
IsBadReadPtr
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
LCMapStringA
GetStringTypeW
LCMapStringW
InitializeCriticalSection
GetStringTypeA
MultiByteToWideChar
GetOEMCP
GetACP
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
SetHandleCount
GetFileType
HeapFree
GetModuleFileNameA
UnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
HeapSize
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte

user32

LoadIconA
RegisterClassA
GetMessageA
TranslateMessage
DispatchMessageA
GetSystemMetrics
ShowWindow
CreateWindowExA
FindWindowA
MessageBoxA
PostQuitMessage
PostMessageA
DefWindowProcA
LoadCursorA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

winmm

waveOutOpen
waveOutUnprepareHeader
waveOutClose
waveOutReset
waveOutPause
waveOutPrepareHeader
timeGetTime
waveOutWrite
waveOutRestart

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

533bc130e782aa50e4698c596421226f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

winmm

Sections

.text Size: 68KB - Virtual size: 68KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 9KB - Virtual size: 35KB

.text
Size: 68KB - Virtual size: 68KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 9KB - Virtual size: 35KB