2568def32e9d4f136eb3ebd74fba16ff_JaffaCakes118

General

Target

2568def32e9d4f136eb3ebd74fba16ff_JaffaCakes118
Size

528KB
MD5

2568def32e9d4f136eb3ebd74fba16ff
SHA1

87194c562b9927d544bc8a148341be52e2f93304
SHA256

b85b28b4d5b2142fbb61eeb23ff078b6cb3cefd0e747888aac456b7708a4e6d1
SHA512

89a49be8404bd962400e16310bec9aa714db07cf20f2942a03418ba54b1a44adb72cb53b8725e9933a39c5cdf4d3611fc4e3f0418a103aa6d345cdbb814ce3d6
SSDEEP

12288:JguQPBhTDOVC2SrsA2vD0gNINB11lYPIYO6ElhNPBzAuT0Vv6TZSmc2EN:JgTPTSVPKsAa0sILXOPJglhjbcv6TZSm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2568def32e9d4f136eb3ebd74fba16ff_JaffaCakes118

Files

2568def32e9d4f136eb3ebd74fba16ff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b4bc8da963fd69b800f040f0899a8f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MulDiv
SetLastError
VirtualAlloc
GetCurrentThread
GetCurrentThreadId
ExitProcess
TlsSetValue
Sleep
InterlockedDecrement
VirtualFree
InitializeCriticalSection
TerminateProcess
LocalFree
CloseHandle
lstrcpyA
SetUnhandledExceptionFilter
InterlockedExchange
FindFirstFileA
SetFilePointer
GetStringTypeA
WideCharToMultiByte
CompareStringW
SetStdHandle
GetProcessHeap
InterlockedCompareExchange
GetCommandLineA
FreeEnvironmentStringsW
MultiByteToWideChar
UnhandledExceptionFilter
DeleteFileA
LockResource
GetConsoleOutputCP
GetEnvironmentStrings
DeleteCriticalSection
GetLocalTime
lstrlenW
GetCommandLineW
LoadLibraryA
TlsAlloc
GetTickCount
FreeLibrary
WaitForSingleObject
GlobalFree
GetModuleFileNameW
GetSystemInfo
ReadFile
LCMapStringW
EnterCriticalSection
GetLastError
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetVersion
GetProcAddress
GetCurrentProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapFree
RtlUnwind
WriteFile
InterlockedIncrement
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
GetStringTypeW
LCMapStringA

user32

EndDialog
MessageBoxA

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

acqygy
Size: 440KB - Virtual size: 439KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

amaes
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cskma
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5b4bc8da963fd69b800f040f0899a8f8

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 32KB - Virtual size: 28KB

acqygy Size: 440KB - Virtual size: 439KB

amaes Size: 20KB - Virtual size: 20KB

cskma Size: 32KB - Virtual size: 31KB

.text
Size: 32KB - Virtual size: 28KB

acqygy
Size: 440KB - Virtual size: 439KB

amaes
Size: 20KB - Virtual size: 20KB

cskma
Size: 32KB - Virtual size: 31KB