160f6a55679a0159c1ef287ab3cd4892_JaffaCakes118

General

Target

160f6a55679a0159c1ef287ab3cd4892_JaffaCakes118
Size

452KB
MD5

160f6a55679a0159c1ef287ab3cd4892
SHA1

93fb8b15fbad15c6e7143bd3c940fe2856a2f5e4
SHA256

df3debe973f8d0117e0ab9ef4f5058f5270ec5e93cbbf3a5aa06615e23eba14e
SHA512

df6ad7df8a03f60b4f0da603e9942defe58c6b45ec0821f87359cfd1d46fed45f96e9a49595b2e3e0d3f00e07739015bb48292efb7537828101be1e140d8bddc
SSDEEP

12288:sdGLIUwDu/O3XlU/MAS2an14a75ELS3g7ScOGn4Zg4CwWpQEqv:swpwVlp2an14a9+cE4jsQZv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
160f6a55679a0159c1ef287ab3cd4892_JaffaCakes118

Files

160f6a55679a0159c1ef287ab3cd4892_JaffaCakes118
.exe windows:4 windows x86 arch:x86

188731172a2cf12192d4bff00d18ad4c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSectionAndSpinCount
LCMapStringW
MultiByteToWideChar
VirtualFree
GetProcAddress
SetConsoleCtrlHandler
HeapReAlloc
WriteFile
GetCurrentThread
HeapDestroy
GetCurrentProcessId
HeapAlloc
EnumSystemLocalesA
GetStartupInfoA
TlsFree
GetModuleHandleA
SetEnvironmentVariableA
CreateRemoteThread
LockResource
TlsAlloc
GetStringTypeA
IsValidCodePage
GetEnvironmentStringsW
IsDebuggerPresent
SetLastError
EnterCriticalSection
GetUserDefaultLCID
CompareStringW
FindNextFileA
ExitProcess
GetTickCount
CompareStringA
IsValidLocale
HeapFree
GetLocaleInfoW
GetModuleFileNameA
InterlockedDecrement
LoadLibraryA
QueryPerformanceCounter
GetLocaleInfoA
VirtualAlloc
ReleaseSemaphore
GetDateFormatA
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetModuleFileNameW
GetStartupInfoW
GetTimeFormatA
TlsGetValue
CreateDirectoryExW
LeaveCriticalSection
GetFileType
GetSystemTimeAsFileTime
GetModuleHandleW
GetACP
IsBadReadPtr
GetOEMCP
GetStdHandle
FreeLibrary
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedIncrement
FreeEnvironmentStringsW
GetStringTypeW
TlsSetValue
DeleteCriticalSection
LCMapStringA
WideCharToMultiByte
GetTimeZoneInformation
GlobalUnlock
InterlockedExchange
HeapSize
HeapCreate
GetLastError
Sleep
GetCommandLineW
GetCPInfo
SetHandleCount

advapi32

CryptSignHashW
InitializeSecurityDescriptor
CryptAcquireContextA
CryptContextAddRef
GetUserNameW

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 311KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

188731172a2cf12192d4bff00d18ad4c

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 134KB - Virtual size: 134KB

.data Size: 311KB - Virtual size: 341KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 134KB - Virtual size: 134KB

.data
Size: 311KB - Virtual size: 341KB

.rsrc
Size: 5KB - Virtual size: 4KB