38d88483652d68b0d4fe5423ca801c88_JaffaCakes118

General

Target

38d88483652d68b0d4fe5423ca801c88_JaffaCakes118
Size

1.4MB
MD5

38d88483652d68b0d4fe5423ca801c88
SHA1

c050fad8466d72a540395ebe803c4f90969b43fc
SHA256

d23ad87ec36b8383b8cf023f401d3cfd70cdcd8e45fb337407d60f2e3130fc0a
SHA512

aa5218d6452caf1e63aba931089416846274d7169d2eb24f7f5e710b3b45870fc4ee56984d732590fb263fc035721e45b9846ea55b4566849abe2d9aceeffc64
SSDEEP

24576:WgenTFDgenTFGZ+dK48gRAnwdmSeFNb1oLfsulXAJ3GVyB3rGnHGcDg:iJPJ9dRqCLfszYyB3iHGL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38d88483652d68b0d4fe5423ca801c88_JaffaCakes118

Files

38d88483652d68b0d4fe5423ca801c88_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4de8f034e40879941df1eae4bd414f7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomA
CopyFileA
DeleteCriticalSection
EnterCriticalSection
EnumSystemLocalesA
ExitProcess
ExpandEnvironmentStringsA
FindFirstFileA
FlushFileBuffers
FormatMessageA
FreeLibrary
GetCPInfo
GetCommandLineA
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetLastError
GetModuleHandleA
GetPrivateProfileSectionNamesA
GetPrivateProfileStructA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetThreadTimes
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetVersionExA
GetWindowsDirectoryA
GlobalFree
HeapFree
HeapSize
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
IsBadCodePtr
IsValidLocale
LoadLibraryA
LoadLibraryExA
LocalFree
Module32First
MulDiv
QueryPerformanceCounter
ReleaseMutex
ResetEvent
SetCurrentDirectoryA
SetEndOfFile
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetLastError
SizeofResource
Sleep
TlsAlloc
VirtualQuery
WritePrivateProfileStringA

user32

BeginPaint
CharPrevA
DialogBoxParamA
GetFocus
IsRectEmpty
UpdateWindow

advapi32

CloseServiceHandle
EqualSid
GetSecurityDescriptorControl
LookupAccountSidA
LookupPrivilegeValueA
RegCloseKey
RegDeleteKeyA
RegEnumKeyExA
RegisterServiceCtrlHandlerA
UnlockServiceDatabase

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: 65KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4de8f034e40879941df1eae4bd414f7f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 92KB - Virtual size: 92KB

.DATA Size: 65KB - Virtual size: 252KB

.data Size: 6KB - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 92KB - Virtual size: 92KB

.DATA
Size: 65KB - Virtual size: 252KB

.data
Size: 6KB - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 4KB