12c5109225653207c540a3eae3683a79_JaffaCakes118

General

Target

12c5109225653207c540a3eae3683a79_JaffaCakes118
Size

476KB
MD5

12c5109225653207c540a3eae3683a79
SHA1

d1908254ec0b6c147187ede3a810775335cc9a17
SHA256

add9f0d2d6097cbcd105a0032e235a3a61b35c3e18c025384b03ed3f92183ccd
SHA512

b9e7394c73262cfa79cc1849123aba67053dfcb5a2d751c4a28ff60fd49d3ce1804c932b9a60e78e7377890fea9d9af714a93f94d753bdf29651eb2cf3af7498
SSDEEP

6144:RH6iyYUMjv7JiNYesmPBJrV2zOpdKq8uOHY48r7z+MO/fVaXRFr9AhitswtTR8V3:+3MjDJiNYesoJZSPBYx71uazYitskR8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12c5109225653207c540a3eae3683a79_JaffaCakes118

Files

12c5109225653207c540a3eae3683a79_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d88f028707760dfbf92964a372d327c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
LeaveCriticalSection
GetCurrentThreadId
ExitProcess
SetEndOfFile
GetFileType
VirtualFree
GlobalAlloc
LoadResource
GetTimeZoneInformation
TerminateProcess
GetACP
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
InterlockedExchange
ReadFile
GetModuleHandleA
GetStringTypeA
WideCharToMultiByte
RaiseException
SetFilePointer
FormatMessageA
UnhandledExceptionFilter
CreateThread
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
GetVersionExA
TlsAlloc
GetTickCount
HeapDestroy
GetExitCodeProcess
UnmapViewOfFile
GetLastError
VirtualAlloc
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
GetProcAddress
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
TlsSetValue
SetLastError
TlsGetValue
GetEnvironmentVariableA
HeapCreate
HeapFree
RtlUnwind
WriteFile
InterlockedDecrement
InitializeCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

user32

ScreenToClient
PeekMessageA
ShowWindow
SendMessageA

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 416KB - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d88f028707760dfbf92964a372d327c2

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 416KB - Virtual size: 415KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 416KB - Virtual size: 415KB

.rsrc
Size: 4KB - Virtual size: 3KB