52285121878b78de40332aeea420f6e8_JaffaCakes118

General

Target

52285121878b78de40332aeea420f6e8_JaffaCakes118
Size

154KB
MD5

52285121878b78de40332aeea420f6e8
SHA1

0b6e91b02c01e90523b73381c3d1c6ff43f92b56
SHA256

9be503dce41b42f3251a34571a5b1a7ff1429c2d9b2b8704751c87ab5158ece9
SHA512

1c5909359744484cd0f0f53355482f9b54f2361bd35f4b8bbbb6643240cae585801450e2f3dd6f936d99a6113adaeb624698e08ccaec13b7ef4d21c0f8e88ab8
SSDEEP

3072:mxuyqXy81pVJviKpC7Q+NBa9/ngtU6fNzx0Ww:RRP1NqvN49/ngU6R6t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52285121878b78de40332aeea420f6e8_JaffaCakes118

Files

52285121878b78de40332aeea420f6e8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bb7153d2d9e3c43a71de41f7cc66e439

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
SetHandleInformation
GetVersionExA
lstrlenW
MoveFileA
Sleep
GetModuleFileNameA
GetShortPathNameA
WriteFile
GetSystemTimeAsFileTime
GetCurrentThreadId
SizeofResource
FindResourceA
GetProcAddress
lstrcpynA
GetTickCount
LoadLibraryExA
LeaveCriticalSection
lstrcatA
GetSystemDefaultLangID
EnterCriticalSection
CloseHandle
ExitProcess
VirtualQuery
MultiByteToWideChar
DeleteFileA
RaiseException
QueryPerformanceCounter
LockFileEx
ReadFile
lstrcmpiA
CreateFileA
WideCharToMultiByte
IsDBCSLeadByte
lstrlenA
GetCurrentProcessId
GetStartupInfoA
LockResource
GetLocaleInfoA
GetModuleHandleA
CreateProcessA
InitializeCriticalSection
InterlockedIncrement
CreatePipe
GetACP
SetFileAttributesA
GetThreadLocale
LoadResource
InterlockedExchange
GetSystemDirectoryA
OutputDebugStringA
GetLastError
DeleteCriticalSection
InterlockedDecrement

user32

MessageBoxA
LoadStringA
wsprintfA
CharNextA

advapi32

RegQueryValueExA
RegCloseKey
OpenProcessToken
RegOpenKeyExA
LookupPrivilegeValueA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gdkg
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 139KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb7153d2d9e3c43a71de41f7cc66e439

Headers

File Characteristics

Imports

kernel32

user32

advapi32

version

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 5KB - Virtual size: 118KB

.gdkg Size: 3KB - Virtual size: 3KB

.edata Size: 139KB - Virtual size: 263KB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 5KB - Virtual size: 118KB

.gdkg
Size: 3KB - Virtual size: 3KB

.edata
Size: 139KB - Virtual size: 263KB