f55049198c34a5bc33c0daf036cca09d_JaffaCakes118

General

Target

f55049198c34a5bc33c0daf036cca09d_JaffaCakes118
Size

1.0MB
MD5

f55049198c34a5bc33c0daf036cca09d
SHA1

bbcfc3633000aa89d6eba3da709680b371d98081
SHA256

98c6bcedd9cede53a845110a6fee098e3de56a2735c9941a47fdce6dbc521ff1
SHA512

b9d7c6221eafaae6a0fd59366d9aaf9a692439c311a4862482850c40b0b46b052f2a17f23d1ebadda5e45080329a11209ec78bbd6845db919b3117c73a854089
SSDEEP

24576:49LORyy+Y6Smjyog1lyN5pGbjlHVBI+JVDPFD5wGDnr+6sGco:4p2yy+phjyogBvlHVGWRP3wGDr+6zD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f55049198c34a5bc33c0daf036cca09d_JaffaCakes118

Files

f55049198c34a5bc33c0daf036cca09d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6feb07adb76e5355c45b19835ce0077a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
Sleep
LocalAlloc
GlobalFree
GetLastError
GetCommandLineA
GetTickCount
GetStartupInfoA
GetVersionExA
CloseHandle
GlobalAlloc
GetVersion
GetFileSize
lstrcpyA

msvcrt

__CxxFrameHandler
_c_exit
wcslen
__setusermatherr
memmove
__p__commode
rand
__getmainargs
wcschr
_acmdln
exit
_exit
_controlfp
__set_app_type
_except_handler3
__p__fmode
wcstoul
_adjust_fdiv
toupper
_initterm

gdi32

SetBkMode
ExtTextOutA
CreateSolidBrush
PatBlt
GetObjectA
GetBkColor
MoveToEx
GetPixel
GetTextColor
CreateFontIndirectA
BitBlt
SetPixel
SelectObject
GetStockObject
GetDeviceCaps
DeleteObject

user32

EndPaint
ShowWindow
GetMessageA
DispatchMessageA
DestroyWindow
PostQuitMessage
MessageBoxA
GetFocus

Sections

.text
Size: 1024B - Virtual size: 1019B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1018KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6feb07adb76e5355c45b19835ce0077a

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

Sections

.text Size: 1024B - Virtual size: 1019B

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 3KB

.tls Size: 512B - Virtual size: 484B

.rsrc Size: 1018KB - Virtual size: 2.8MB

.text
Size: 1024B - Virtual size: 1019B

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 3KB

.tls
Size: 512B - Virtual size: 484B

.rsrc
Size: 1018KB - Virtual size: 2.8MB