f67da293097086f2ac981c76bc254b7d_JaffaCakes118

General

Target

f67da293097086f2ac981c76bc254b7d_JaffaCakes118
Size

3.4MB
MD5

f67da293097086f2ac981c76bc254b7d
SHA1

845be774d7da5322ca3ea08ce52f8e43fa24832d
SHA256

6e29ddf9ec20ebfdcde5c28c61969d05503fb16f50edc23bcacadecedffe81e9
SHA512

5ad15a945c5d045ea6c3df32a4882de44192bd13368679a72017295a649c565169c9f7e147fafcbe5fc618f8798d5be8c7610bdc8b38e879625399288f03a1d6
SSDEEP

98304:p4uNf3EXyiGtl2/tz5WyvUuzjEw40sibd:nV+JGabhvbzjR40si

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f67da293097086f2ac981c76bc254b7d_JaffaCakes118

Files

f67da293097086f2ac981c76bc254b7d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b7f69754077650b8faff409ad288386

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetCurrentProcess
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetProcAddress
TerminateProcess
UnhandledExceptionFilter
GetTickCount
HeapAlloc
LocalFree
DeleteCriticalSection
EnterCriticalSection
WriteFile
CreateFileW
ExitProcess
GetStdHandle
GetStartupInfoW
GetCommandLineW
FindClose
ReadFile
FormatMessageW
GetFileType
InitializeCriticalSection
GetConsoleMode
FlushFileBuffers
WriteConsoleW
TlsFree
CompareStringW
LCMapStringW
GetModuleFileNameA
InitializeCriticalSectionAndSpinCount
GetOEMCP
GetEnvironmentStringsW
IsValidCodePage
FindFirstFileW
DeleteFileW
GetConsoleCP
SetEndOfFile
ResetEvent
GetVersionExW
ReleaseMutex
OutputDebugStringW
EncodePointer
VirtualFree
GetModuleHandleExW
CreateDirectoryW
LoadResource
GetExitCodeProcess

user32

TranslateMessage
LoadStringW
DestroyWindow
ReleaseDC
MessageBoxW
SetWindowLongW
GetDlgItem
GetDC
GetWindowRect
SendMessageW
GetClientRect
EnableWindow
LoadCursorW
SetWindowTextW
SetTimer
GetSysColor
GetWindowTextW
SystemParametersInfoW
ClientToScreen

Sections

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b7f69754077650b8faff409ad288386

Headers

File Characteristics

Imports

kernel32

user32

Sections

.data Size: - Virtual size: 612KB

.idata Size: 2KB - Virtual size: 1KB

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.data
Size: - Virtual size: 612KB

.idata
Size: 2KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB