122015c1c1c1529b10f5ff52383bb5b5_JaffaCakes118

General

Target

122015c1c1c1529b10f5ff52383bb5b5_JaffaCakes118
Size

422KB
MD5

122015c1c1c1529b10f5ff52383bb5b5
SHA1

c7b3d76477e856a49c3ec6522a7e21ae90d6bb8e
SHA256

e5847d95705fd1a2746466d65cf5416d4e6300284bf09b2b654a231d89035f00
SHA512

ef522af9c54a278c8a8bdc4bd68db6dc36e7d32b18ac2734167454c14eb2428c5a68822a43098d74756a208b4cdcf9db9b5fad72f148795f1ce58565bce264c5
SSDEEP

12288:uf6CC4Cuqb3IRHEEgqryHi/2oKZUsFo3G:W6Cob3WH7gqAi/CSsFo2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
122015c1c1c1529b10f5ff52383bb5b5_JaffaCakes118

Files

122015c1c1c1529b10f5ff52383bb5b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

13d260bcf44c5d9fa34b68fc29c13da0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
LCMapStringA
LeaveCriticalSection
FindResourceExW
GetProcAddress
MultiByteToWideChar
HeapReAlloc
SetLastError
WriteConsoleOutputAttribute
GetLastError
GetCurrentProcessId
HeapAlloc
GetDiskFreeSpaceA
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleHandleA
SetHandleCount
HeapDestroy
OutputDebugStringW
TlsSetValue
GetCPInfo
GetVersion
LocalReAlloc
GetStringTypeW
TlsAlloc
FindFirstFileExW
GetEnvironmentStringsW
GetStringTypeExA
CreateProcessA
ExitProcess
GetTickCount
CreateDirectoryW
HeapCreate
HeapFree
GetProcessAffinityMask
GetModuleFileNameA
GetStdHandle
LoadLibraryA
QueryPerformanceCounter
DebugBreak
VirtualAlloc
ExitThread
GetVersionExW
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetConsoleCursorInfo
FreeEnvironmentStringsW
GetCurrentThread
VirtualFree
IsValidLocale
LCMapStringW
GetSystemTime
GetSystemTimeAsFileTime
DeleteCriticalSection
LocalShrink
FindNextChangeNotification
EnterCriticalSection
GetACP
RemoveDirectoryA
WriteFile
TlsFree
GetStringTypeA
IsBadWritePtr
GetCommandLineA
WideCharToMultiByte
DeleteFiber
InitializeCriticalSection
GetConsoleOutputCP
GetEnvironmentStrings
CommConfigDialogA
InterlockedExchange
GetOEMCP
GetFileType
OpenSemaphoreA
TlsGetValue

advapi32

CryptDuplicateKey
AbortSystemShutdownW
RegEnumKeyW
RegCreateKeyExA
CreateServiceA
RegCreateKeyExW
CryptDestroyKey
CryptSetProviderExW
RegCloseKey

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 303KB - Virtual size: 303KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13d260bcf44c5d9fa34b68fc29c13da0

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 110KB - Virtual size: 110KB

.data Size: 303KB - Virtual size: 303KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 110KB - Virtual size: 110KB

.data
Size: 303KB - Virtual size: 303KB

.rsrc
Size: 7KB - Virtual size: 6KB