3b5e632f780d3bbc8897dce06694a1e8_JaffaCakes118

General

Target

3b5e632f780d3bbc8897dce06694a1e8_JaffaCakes118
Size

448KB
MD5

3b5e632f780d3bbc8897dce06694a1e8
SHA1

c66dfccdccc7c12342103a3bda4f23a03788aaf6
SHA256

cea03caeef5f9d1ae17b55223a6b65eb71ac93032b1481ec15060128a7d41a46
SHA512

7ed27542912bc2602d449c5b55fe53d950b1c8b7d299c0ac76aaaba249fec2ec52b5426996d72fb797190a2aafe9aba2a09665dc9ce4cf3219d848e97d0b9b4b
SSDEEP

12288:fFFvHwUg2RN2CRyw2xc2BaF/25gRNNW/Qu:RUCRCvs25wK/Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b5e632f780d3bbc8897dce06694a1e8_JaffaCakes118

Files

3b5e632f780d3bbc8897dce06694a1e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ba8410bd79cb00d199a261a5d205da2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
InterlockedDecrement
IsDebuggerPresent
Sleep
GetProcAddress
IsValidCodePage
HeapReAlloc
TlsFree
CompareStringW
GetStartupInfoW
GetCurrentProcessId
TlsSetValue
RtlFillMemory
GetEnvironmentStringsW
UnhandledExceptionFilter
GetModuleHandleA
IsValidLocale
SetCurrentDirectoryA
VirtualFree
SetConsoleCtrlHandler
GetLocaleInfoA
WriteFile
EnumSystemLocalesA
GetUserDefaultLCID
LCMapStringW
DeleteCriticalSection
GetOEMCP
GetStringTypeA
WriteProfileSectionW
ExitProcess
GetTickCount
GetComputerNameW
TlsGetValue
HeapFree
GetCPInfo
GetModuleFileNameA
GetTimeFormatA
LoadLibraryA
QueryPerformanceCounter
GetACP
VirtualAlloc
SetCriticalSectionSpinCount
EnterCriticalSection
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetCommandLineW
GetFileType
GetModuleFileNameW
SetHandleCount
WideCharToMultiByte
InterlockedIncrement
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentThread
GetPrivateProfileSectionNamesW
SetConsoleCursorPosition
GetDateFormatA
GetLastError
lstrcmpiW
SetUnhandledExceptionFilter
LeaveCriticalSection
GetTimeZoneInformation
lstrcmpiA
GetLocaleInfoW
SetLastError
InitializeCriticalSectionAndSpinCount
HeapSize
TlsAlloc
GetModuleHandleW
GetThreadTimes
InterlockedExchange
GetStdHandle
GetStartupInfoA
FreeLibrary
MultiByteToWideChar
CompareStringA
ResetEvent
LCMapStringA
HeapDestroy
HeapAlloc
SetEnvironmentVariableA
ReadConsoleInputA
GetEnvironmentStringsA
HeapCreate

advapi32

RegCreateKeyW
RegQueryMultipleValuesW
RevertToSelf
ReportEventW

Sections

.text
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ba8410bd79cb00d199a261a5d205da2

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 159KB - Virtual size: 158KB

.data Size: 277KB - Virtual size: 276KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 159KB - Virtual size: 158KB

.data
Size: 277KB - Virtual size: 276KB

.rsrc
Size: 11KB - Virtual size: 11KB