efe77982de23bf9e8ec3c524ae0352a7_JaffaCakes118

General

Target

efe77982de23bf9e8ec3c524ae0352a7_JaffaCakes118
Size

176KB
MD5

efe77982de23bf9e8ec3c524ae0352a7
SHA1

bfac32cf8fc3574978df63909b3abcc7e5912cda
SHA256

c6184fe8ba6327d0a4adc30dd3f0000de72eab69f53725faf5132d2bd80084c1
SHA512

4ac94048809bd64c40d2423df63f3ebdf4c37d05119a13c86a823717b1c30dd88e4d77ac0e0876ca5b34ece1a1dfab1b0c834f2aa055e74d4a77f7ee90972b1d
SSDEEP

3072:NqaXrdklaQBf0t6/SJxOgKczg7VDkxuK0AhUJLDBkukHNOeo:Nt2laQd/SJxOgKcGO0ECBkukHNON

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efe77982de23bf9e8ec3c524ae0352a7_JaffaCakes118

Files

efe77982de23bf9e8ec3c524ae0352a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

804b29e169fe0d6dd2bd959677efe967

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
GetProcAddress
GetModuleHandleA
HeapAlloc
GetProcessHeap
GetLastError
lstrcatA
CloseHandle
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
ExitProcess
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
GetSystemDirectoryA
LoadLibraryA
lstrcpyA
lstrlenA
SetLastError
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
DeleteFileA
SetFileAttributesA
MoveFileA
FreeResource
WriteFile
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetTickCount
WinExec
GetFileAttributesA
SetUnhandledExceptionFilter
Sleep
ReleaseMutex
CreateMutexA
GetCommandLineA
GetCurrentThreadId
GetStringTypeA
GetStringTypeW
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetEndOfFile
FreeLibrary
LocalAlloc
InterlockedExchange
RaiseException
RtlUnwind
HeapReAlloc
GetStartupInfoA
GetVersion
VirtualFree
VirtualAlloc
IsBadWritePtr
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetStdHandle
FlushFileBuffers
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP

user32

GetInputState
PostThreadMessageA
wsprintfA
GetMessageA

shell32

ShellExecuteA

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

804b29e169fe0d6dd2bd959677efe967

Headers

File Characteristics

Imports

kernel32

user32

shell32

Sections

.text Size: 36KB - Virtual size: 33KB

.data Size: 24KB - Virtual size: 21KB

.rsrc Size: 112KB - Virtual size: 108KB

.text
Size: 36KB - Virtual size: 33KB

.data
Size: 24KB - Virtual size: 21KB

.rsrc
Size: 112KB - Virtual size: 108KB