0a76c5eaaf2be7c9dd9ba1d45e2e92fa_JaffaCakes118

General

Target

0a76c5eaaf2be7c9dd9ba1d45e2e92fa_JaffaCakes118
Size

74KB
MD5

0a76c5eaaf2be7c9dd9ba1d45e2e92fa
SHA1

abf4916f6393a196342bf0ed479f3a03a5f65999
SHA256

b06957b23d42ecec8b474264ff206dd2db900c3c2f4187d9d1d86b3b4329cb52
SHA512

4d1245471241c9cb7195452e1933f0e68d7670736bce7df9aa65e317a4bbd8163574af7398b67092424d85ace7d599d0852cb0d368e8fda7f2431a55c1c67650
SSDEEP

768:z02P4aas+oVLYOn8WSunjLBaPu/r3JuLUXgIEs5zKdqlsecI:BEouo7RaW7NT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a76c5eaaf2be7c9dd9ba1d45e2e92fa_JaffaCakes118

Files

0a76c5eaaf2be7c9dd9ba1d45e2e92fa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9dd791a7530d0d69abcb3c17c58487b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetNumberFormatW
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryW
GetTickCount
GetVersionExW
GetWindowsDirectoryW
HeapDestroy
InitializeCriticalSection
LoadLibraryA
LocalAlloc
LocalFree
GetCurrentThreadId
GetModuleFileNameW
QueryPerformanceCounter
SetEvent
SetLastError
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
WaitForMultipleObjects
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrlenW
GetCurrentThread
GetCurrentProcessId
OutputDebugStringW
GetLastError
GetCurrentProcess
GetCommandLineW
ExitProcess
DeleteCriticalSection
CreateThread
CreateProcessW
CreateMutexW
CreateEventW
CloseHandle
GetDriveTypeW
VirtualAlloc
ReadFile
OpenEventW
CreateFileW

user32

LoadIconW

gdi32

GetStockObject

advapi32

RegQueryValueW
RegQueryValueExA
RegOpenKeyW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyW
RegCreateKeyExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExA
RegSetValueExW
RegQueryValueExW

msvcrt

memcpy
_except_handler3
_vsnwprintf
_wmakepath
_wsplitpath
_wtoi
free
malloc
memmove
setlocale
swscanf

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9dd791a7530d0d69abcb3c17c58487b5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 25KB - Virtual size: 24KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 45KB - Virtual size: 44KB

.text
Size: 25KB - Virtual size: 24KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 45KB - Virtual size: 44KB