ed9a1fc2c2330912846b04a3cb105135_JaffaCakes118

General

Target

ed9a1fc2c2330912846b04a3cb105135_JaffaCakes118
Size

3.0MB
MD5

ed9a1fc2c2330912846b04a3cb105135
SHA1

22e54293b2c358d26066320132629d1b7c448782
SHA256

bdd675af00639d2682ef07071bde26a149878cfc5bda4f3d08c18b801d5a6523
SHA512

bb1222e9cff487f3641adc10a57c89c37c3346770190e79db6bdad14aa8c5116c45a80349384f0ebf9b2c1495174fc495052fe218f9151cf0a5b503bc0e8e037
SSDEEP

49152:BiK+8SNBHjqW3IbubExMcIKKt5xgkRToJ/o915+1wIccPKbQm3DCZ:Bj+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed9a1fc2c2330912846b04a3cb105135_JaffaCakes118

Files

ed9a1fc2c2330912846b04a3cb105135_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f72fe4e72e6d6b68f63c8424b5c3bac0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
DisableThreadLibraryCalls
QueryPerformanceFrequency
HeapFree
LoadLibraryExW
GetLastError
EnterCriticalSection
InterlockedIncrement
GetStartupInfoA
GetFileInformationByHandle
TerminateProcess
SetHandleCount
SetConsoleCP
GetVersionExA
LoadLibraryW
FindNextFileW
SetStdHandle
GetSystemDefaultLangID
FindResourceExW
HeapDestroy
GetCurrentThreadId
FormatMessageW
DeleteCriticalSection
ExitProcess
GetCurrentProcessId
CreateDirectoryW
GetTickCount
GetCommandLineW
GetConsoleOutputCP
SetFileTime
SetLastError
ReleaseMutex
LeaveCriticalSection
GetLocaleInfoA
GetVersionExW
GetModuleHandleA
GlobalLock
VirtualProtect
TlsFree
GetCurrentDirectoryA
GetACP
GetCurrentProcess
Sleep
SetFileAttributesA
InitializeCriticalSection
SetUnhandledExceptionFilter
WideCharToMultiByte
GetOEMCP
UnhandledExceptionFilter
GetCommandLineA

user32

SetWindowPos
GetWindowThreadProcessId
GetFocus
UpdateWindow
DeleteMenu

ole32

CoTreatAsClass

msvcrt

strchr
??0exception@@QAE@ABV0@@Z
__wgetmainargs
wcstoul

advapi32

RegEnumKeyExW
RegSetValueExW

gdi32

StretchDIBits
GetStockObject
PatBlt

lz32

LZDone

Sections

.text
Size: 386KB - Virtual size: 386KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 234B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f72fe4e72e6d6b68f63c8424b5c3bac0

Headers

File Characteristics

Imports

kernel32

user32

ole32

msvcrt

advapi32

gdi32

lz32

Sections

.text Size: 386KB - Virtual size: 386KB

.rdata Size: 2.6MB - Virtual size: 2.6MB

.idata Size: 1024B - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 234B

.text
Size: 386KB - Virtual size: 386KB

.rdata
Size: 2.6MB - Virtual size: 2.6MB

.idata
Size: 1024B - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 234B