07d9c1aaea6c2469df8dbc59d33c04a2_JaffaCakes118

General

Target

07d9c1aaea6c2469df8dbc59d33c04a2_JaffaCakes118
Size

158KB
MD5

07d9c1aaea6c2469df8dbc59d33c04a2
SHA1

cece0638b3cfc451a95c6c5d1c1d056c7ae976c4
SHA256

dad3b4970652f7df790c5bfa6ea76f0960f309f461f6b76fe6cdfcdf9504d7da
SHA512

911f819514d53d560fe2b64a84e021eb0d4bccec75791646f962c2ff6217604b07cb091ae5a6fac799c14475bc057feeeb8642802ee0fbe4f90ffb6529b400d4
SSDEEP

3072:j9zkjnvM8hG3a4Qp4KC+yBaeXmQmNDsOMCPoyBTrskoLNRTQ:RzkjvG3BQqKbwXnmND3vTriNZQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07d9c1aaea6c2469df8dbc59d33c04a2_JaffaCakes118

Files

07d9c1aaea6c2469df8dbc59d33c04a2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5c390b3d1ff3b1ffee5ba7850b1e130f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
CreateEventA
CreateFileA
CreateMutexA
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
ExitProcess
ExitThread
FindClose
FreeLibrary
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetLastError
GetPrivateProfileStringA
GetProcAddress
GetProcessHeap
GetStdHandle
GetStringTypeA
GetSystemInfo
GetTempPathA
GetThreadTimes
GetTickCount
GetTimeFormatA
GlobalHandle
HeapAlloc
HeapFree
InterlockedDecrement
IsBadReadPtr
LocalFree
LockResource
Module32Next
QueryPerformanceCounter
ReadProcessMemory
SetLastError
SizeofResource
Sleep
TlsAlloc
TlsFree
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForSingleObject
lstrcmpiA
lstrcpynA
lstrlenA

user32

IsChild
wsprintfA

advapi32

GetSecurityDescriptorControl
RegCloseKey
RegOpenKeyA
SetSecurityDescriptorDacl

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: 1024B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c390b3d1ff3b1ffee5ba7850b1e130f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 124KB - Virtual size: 124KB

.DATA Size: 1024B - Virtual size: 132KB

.data Size: 7KB - Virtual size: 12KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 21KB - Virtual size: 21KB

.text
Size: 124KB - Virtual size: 124KB

.DATA
Size: 1024B - Virtual size: 132KB

.data
Size: 7KB - Virtual size: 12KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 21KB - Virtual size: 21KB