f109b2cca6a13bb1e046e5742f49da6f_JaffaCakes118

General

Target

f109b2cca6a13bb1e046e5742f49da6f_JaffaCakes118
Size

169KB
MD5

f109b2cca6a13bb1e046e5742f49da6f
SHA1

e69a25f46bb9626a29ac7ccb50992592085eec7d
SHA256

71567efe583ed2e447dc7c245b2129a92758d5a050601dd2ccf84dee0b3b3359
SHA512

aaceed98c7fead3c29723bf564c38b70ba1b0cf1693b41a902a695370d6cf25dd3c53b96dbe49fc5ac933eb86b3fe3da08a30bafe49c95842edba026f1163889
SSDEEP

3072:sd53yoU8E0aQTQvRjhfJ8B/prcshz0ijXtxMM6I7TlG42Fbw1ZJR1/P/YV:ezU9lvRjhB8BRrcoljXtWMT7xG42G1n8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f109b2cca6a13bb1e046e5742f49da6f_JaffaCakes118

Files

f109b2cca6a13bb1e046e5742f49da6f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4febdf91c6287b311c31e7fe1c41b1aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
CreateFileA
CreateFileMappingA
CreateMutexA
DeviceIoControl
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
ExitThread
FileTimeToLocalFileTime
FindClose
FreeLibrary
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableA
GetExitCodeProcess
GetFileSize
GetOEMCP
GetProcAddress
GetStdHandle
GetStringTypeA
GetSystemDirectoryA
GetTempFileNameA
GetTempPathA
GetThreadTimes
GetTickCount
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalUnlock
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
IsBadCodePtr
LocalAlloc
LocalFree
LockResource
MoveFileA
MoveFileExA
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
ReadFile
SetErrorMode
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TerminateProcess
WriteConsoleA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA

user32

GetMessageA
IsIconic
ReleaseCapture

advapi32

AllocateAndInitializeSid
CloseServiceHandle

Sections

.text
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4febdf91c6287b311c31e7fe1c41b1aa

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 157KB - Virtual size: 157KB

.data Size: 1KB - Virtual size: 189KB

.bss Size: 7KB - Virtual size: 8KB

.idata Size: 2KB - Virtual size: 4KB

.text
Size: 157KB - Virtual size: 157KB

.data
Size: 1KB - Virtual size: 189KB

.bss
Size: 7KB - Virtual size: 8KB

.idata
Size: 2KB - Virtual size: 4KB