556f774494980114ec83dc2364a61c79_JaffaCakes118

General

Target

556f774494980114ec83dc2364a61c79_JaffaCakes118
Size

419KB
MD5

556f774494980114ec83dc2364a61c79
SHA1

94d044f1f2740853fc0611c825f1c5550f072770
SHA256

edd3263ff954d09fd3045c0f1c3db375d245a99c8914ebb61590af3843797aeb
SHA512

b64b861e1916c649f0535ca2e65c8ad05397ada7ec6c44e5bdd887507739a8c8d4a0726264aceb2133c03a76a58a086dd427e882df821c57acb0a2cd20d63192
SSDEEP

12288:S8rkGaXUlKaS0DXGxd0WwvyLtdUVjEHtK7:16k4VBxd01KLtiVuu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
556f774494980114ec83dc2364a61c79_JaffaCakes118

Files

556f774494980114ec83dc2364a61c79_JaffaCakes118
.exe windows:4 windows x86 arch:x86

694a544beec951e7215132520ddd88fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetVersion
GetStdHandle
GetStartupInfoA
RtlUnwind
GetCommandLineA
GetModuleFileNameW
GetCurrentProcess
GetProcAddress
VirtualAlloc
HeapCreate
TlsSetValue
HeapReAlloc
VirtualFree
FreeEnvironmentStringsW
UnhandledExceptionFilter
LeaveCriticalSection
InterlockedExchange
GetModuleFileNameA
SetHandleCount
GetModuleHandleA
ExitProcess
TlsFree
GetStartupInfoW
EnterCriticalSection
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
WriteFile
IsBadWritePtr
GetCurrentThread
QueryPerformanceCounter
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStringsW
VirtualQuery
GetCurrentThreadId
InitializeCriticalSection
HeapAlloc
GetFileType
HeapFree
DeleteCriticalSection
TerminateProcess
GetCurrentProcessId
GetLastError
TlsAlloc
GetCommandLineW
VirtualQueryEx
GetEnvironmentStrings
HeapDestroy
TlsGetValue

advapi32

RegDeleteKeyW
InitializeSecurityDescriptor
RegSaveKeyA
CryptEnumProvidersA
RegCreateKeyExW
RegOpenKeyExA
RegCreateKeyW
CryptGetDefaultProviderA
RegDeleteKeyA
LogonUserW
DuplicateTokenEx
RegSetValueA
CryptGenKey
CryptSetHashParam

user32

GetPropW
LoadIconW
RemoveMenu
CharToOemBuffW
TranslateAccelerator
CharNextExA
SetWindowLongW
LookupIconIdFromDirectory
OemToCharA
MapVirtualKeyW
UnloadKeyboardLayout
MsgWaitForMultipleObjects
CloseClipboard
GetWindow
CharLowerW

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 268KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

694a544beec951e7215132520ddd88fd

Headers

File Characteristics

Imports

kernel32

advapi32

user32

Sections

.text Size: 144KB - Virtual size: 143KB

.data Size: 268KB - Virtual size: 279KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 144KB - Virtual size: 143KB

.data
Size: 268KB - Virtual size: 279KB

.rsrc
Size: 6KB - Virtual size: 5KB