f0be9ce17559c74102c6843ee676e304_JaffaCakes118

General

Target

f0be9ce17559c74102c6843ee676e304_JaffaCakes118
Size

153KB
MD5

f0be9ce17559c74102c6843ee676e304
SHA1

133f251878ed6f29d89a191ff9ac2d3ee5903969
SHA256

ccfa9751dc626d4bc436a1167ce14adb0679ed177cf8cb4aa0ab31a2e117c5b9
SHA512

e819d9740cc1b3b25f4f12d332d4c7d4ca77c6f73dabbec1dc315cfc9e05023776b1645864c87db56706b2edd57e88374b3d4bbba0de09cef9e4f42fe7f6994d
SSDEEP

3072:pCosozzOpTttyTI1FknvmYVgCGNeduYqT8crh3mRsxJXd2Mnd:9kaTaFmvmYVRk8eDSqdnd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0be9ce17559c74102c6843ee676e304_JaffaCakes118

Files

f0be9ce17559c74102c6843ee676e304_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c25ec3b9f848d755e23e1b774d988189

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameA
Beep
lstrlenA
GetProcAddress
LoadLibraryA
lstrcatA
GetDiskFreeSpaceA
SetErrorMode
RaiseException
LCMapStringW
CloseHandle
GetStringTypeW
GetLastError
MultiByteToWideChar
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
WriteFile
lstrcmpiA
LCMapStringA
SetCurrentDirectoryA
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStringTypeA
ExitProcess
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapAlloc
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapSize

user32

GetSysColor
GetQueueStatus
LoadBitmapA
GetDesktopWindow
GetScrollRange
GetClassInfoW
IsClipboardFormatAvailable
EmptyClipboard
wsprintfA
MessageBoxA
IsWindowVisible
CreateWindowExA
GetWindowTextLengthA
GetWindowTextA
PostMessageA
EnumChildWindows

gdi32

CreateRectRgn
CreateHatchBrush

shell32

FindExecutableA

msvcrt

_itoa

comctl32

ord17

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c25ec3b9f848d755e23e1b774d988189

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

msvcrt

comctl32

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 119KB - Virtual size: 119KB

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 119KB - Virtual size: 119KB