3b2af11198a22390a5a0dded55f9cb5c_JaffaCakes118

General

Target

3b2af11198a22390a5a0dded55f9cb5c_JaffaCakes118
Size

103KB
MD5

3b2af11198a22390a5a0dded55f9cb5c
SHA1

45fe86eac3fc497b01bc09e4ce435a6ee05ddf7d
SHA256

61a3c45fb3c597734004467650257edcc39128663fa98d931d8af181b654869a
SHA512

59e2b76562862a2c767d99db453ebc58b4a132655d361b5180b9df68af49d018cc4eeeee8f4a6d128c0f0538585d1aaf7a4f73169af38c2765c61fe0fa869787
SSDEEP

1536:sCBQG+Swdz32bkFz9g4LI0xS5z/jOHW4yR8ygaQrmYbzWsG7Z/:XBQ5hzmbeXxSVjOWfmBWscZ/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b2af11198a22390a5a0dded55f9cb5c_JaffaCakes118

Files

3b2af11198a22390a5a0dded55f9cb5c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ca3eb4ad44981778ba32926c639afb0e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
CreateEventA
CreateFileMappingA
DeleteFileA
DeviceIoControl
ExitProcess
FindResourceA
FlushFileBuffers
GetACP
GetCPInfo
GetConsoleMode
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStringsA
GetEnvironmentVariableA
GetLastError
GetLocaleInfoA
GetOEMCP
GetPrivateProfileSectionNamesA
GetPrivateProfileStructA
GetStartupInfoA
GetSystemTimeAsFileTime
GetTempPathA
GetTickCount
GetTimeZoneInformation
GetVersionExA
GlobalLock
GlobalUnlock
HeapDestroy
HeapReAlloc
MapViewOfFile
Module32First
ReadFile
RemoveDirectoryA
ResumeThread
SetFileAttributesA
SetStdHandle
SetThreadPriority
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsSetValue
UnmapViewOfFile
WideCharToMultiByte
WriteFile
lstrcpynA
lstrlenA

advapi32

AdjustTokenPrivileges
OpenServiceA

Sections

.code
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca3eb4ad44981778ba32926c639afb0e

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.code Size: 89KB - Virtual size: 88KB

.data Size: - Virtual size: 3KB

.bss Size: - Virtual size: 13KB

.idata Size: 1KB - Virtual size: 1KB

.edata Size: 7KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 3KB

.code
Size: 89KB - Virtual size: 88KB

.data
Size: - Virtual size: 3KB

.bss
Size: - Virtual size: 13KB

.idata
Size: 1KB - Virtual size: 1KB

.edata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 3KB