12eaba109e6ce57918a78bfeced84391_JaffaCakes118

General

Target

12eaba109e6ce57918a78bfeced84391_JaffaCakes118
Size

56KB
MD5

12eaba109e6ce57918a78bfeced84391
SHA1

d561740927e179c02beb15205ca96da336ba48a1
SHA256

ed35a881ce8e450d56f43e7c5d89b56d25367edf19afd9ead43fe6d77b5275b8
SHA512

3c9b8ed7a2fff4f02d20940027ea70341622d53055f58e89a332ccb10c869e12f2ba6d3e0689b0957282aeacd762bd27aa451c1f83e15796f2e15fb71c67e31d
SSDEEP

768:0ZpLE69+a6rP+VS5P6Utc12G2qN5J0NXjGIDz7tA1tGWK:0ntYrt+1BN5JYGKtItfK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12eaba109e6ce57918a78bfeced84391_JaffaCakes118

Files

12eaba109e6ce57918a78bfeced84391_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7343b33879a5c3b27fa1bb865ab42299

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
DeleteFileA
GetTempPathA
GetProcAddress
LoadLibraryA
GetTickCount
GetVersionExA
GetModuleHandleA
Sleep
GetCurrentProcess
DuplicateHandle
OpenProcess
ExitProcess
WinExec
WriteFile
lstrcatA
lstrcpyA
CopyFileA
CreateThread
MoveFileExA
SetPriorityClass
GetCurrentProcessId
GetLastError
CreateMutexA
GetCurrentThreadId
GetFileAttributesA
GetWindowsDirectoryA
LCMapStringW
LCMapStringA
FreeLibrary
LocalAlloc
InterlockedExchange
RaiseException
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
SetEndOfFile
CreateDirectoryA

rpcrt4

UuidCreateSequential

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7343b33879a5c3b27fa1bb865ab42299

Headers

File Characteristics

Imports

kernel32

rpcrt4

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 1KB