f109fccc7944b15ca38ca672f0bde0d1_JaffaCakes118

General

Target

f109fccc7944b15ca38ca672f0bde0d1_JaffaCakes118
Size

3.4MB
MD5

f109fccc7944b15ca38ca672f0bde0d1
SHA1

298bc7eb92cf8956f4c407da9b1c91d5149a0d47
SHA256

f67451f606d712146fb0469e3fa56278c907700160046537df2623ae0225a982
SHA512

dc80f55989ff69a1aae252198b0c634c9f428e86a044210fedbc733f4bd57ad02be9333ff4d42f3712312bc752f89ca11938d0fdceacd518daffed88be4558c0
SSDEEP

98304:bsg41JtSg0M0jBn0kYihkRgIi3KTPNKY7Dc77CU0Sv+:F4BEZYihuXi3KJ9CCUn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f109fccc7944b15ca38ca672f0bde0d1_JaffaCakes118

Files

f109fccc7944b15ca38ca672f0bde0d1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d2e5170813f12514c83aa514d8616bc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
UnhandledExceptionFilter
Sleep
MultiByteToWideChar
GetProcessHeap
GetModuleFileNameW
GetStdHandle
GetStartupInfoW
IsDebuggerPresent
RaiseException
SetEvent
GetFileType
TlsGetValue
InitializeCriticalSection
HeapReAlloc
TlsSetValue
CreateEventW
WriteConsoleW
GetCPInfo
TlsFree
CompareStringW
RtlUnwind
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
GetOEMCP
SetStdHandle
FreeEnvironmentStringsW
FindNextFileW
VirtualAlloc
GetConsoleCP
LocalAlloc
GetCommandLineA
DecodePointer
ResetEvent
GetVersionExW
ReleaseMutex
GetFileSize
VirtualFree
LoadLibraryA
GetLocaleInfoW
CreateDirectoryW
UnmapViewOfFile
GetExitCodeProcess
ExpandEnvironmentStringsW
CreateProcessW

user32

ShowWindow
DestroyWindow
DefWindowProcW
MessageBoxW
CreateWindowExW
GetSystemMetrics
GetWindowRect
SendMessageW
LoadCursorW
GetParent
LoadIconW
BeginPaint
SetCursor
KillTimer
InvalidateRect
UpdateWindow
SystemParametersInfoW
CharUpperW
ClientToScreen

Sections

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d2e5170813f12514c83aa514d8616bc7

Headers

File Characteristics

Imports

kernel32

user32

Sections

.data Size: - Virtual size: 612KB

.idata Size: 2KB - Virtual size: 1KB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.text Size: 6KB - Virtual size: 6KB

.data
Size: - Virtual size: 612KB

.idata
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.text
Size: 6KB - Virtual size: 6KB