56112482fe0bc18ff4fe2a13060026db_JaffaCakes118

General

Target

56112482fe0bc18ff4fe2a13060026db_JaffaCakes118
Size

78KB
MD5

56112482fe0bc18ff4fe2a13060026db
SHA1

d860de5a5df75d2cc5af5771dadae014d29787c9
SHA256

3c892c79f19ab7cbc9eb2695c287f0affecef36f7da70586f2dccde8cb56c4fb
SHA512

51860b077d14cac68519b25d417145c3b3cf359962875fc191d72eff0e9cea6f1b5677aeec57fbef79aeecdcd8030ec7e40ce9f9f11f54d3e54cd5325784a570
SSDEEP

1536:Iz7kMeJDyTNEXfUEkvHwv/lk0re2aTLxJrEkOzC838oULrOhDQRciDX:87kMaDyTNEsEgMg2uvkzrM/L6hVQX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56112482fe0bc18ff4fe2a13060026db_JaffaCakes118

Files

56112482fe0bc18ff4fe2a13060026db_JaffaCakes118
.exe windows:5 windows x86 arch:x86

14b62df4ec04328eafe89be56ed407d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
FreeLibrary
LockResource
GetLocaleInfoA
GetCurrentProcessId
SetHandleInformation
RaiseException
GetTickCount
WideCharToMultiByte
DeleteFileA
InterlockedDecrement
EnterCriticalSection
GetShortPathNameA
GetVersionExA
MoveFileA
IsDBCSLeadByte
GetACP
GetThreadLocale
WriteFile
CreateJobObjectA
lstrcmpiA
LoadLibraryExA
CloseHandle
QueryPerformanceCounter
CreateFileA
GlobalWire
MultiByteToWideChar
MoveFileA
GetLastError
ReadFile
InitializeCriticalSection
FindResourceA
GetProcAddress
lstrcpynA
LeaveCriticalSection
GetCurrentThreadId
CreateProcessA
lstrcatA
lstrlenA
ExitProcess
GetModuleFileNameA
GetStartupInfoA
OutputDebugStringA
GetModuleHandleA
LoadResource
CreatePipe
InterlockedIncrement
DeleteCriticalSection
InterlockedExchange
SizeofResource
GetSystemTimeAsFileTime
GetSystemDirectoryA

user32

CharNextA
LoadStringA
wsprintfA
MessageBoxA

advapi32

LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vnjq
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 132KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14b62df4ec04328eafe89be56ed407d3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

version

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 6KB - Virtual size: 121KB

.vnjq Size: 3KB - Virtual size: 3KB

.edata Size: 132KB - Virtual size: 259KB

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 6KB - Virtual size: 121KB

.vnjq
Size: 3KB - Virtual size: 3KB

.edata
Size: 132KB - Virtual size: 259KB