f78dd3d6efdc55408225c7daa6dd6a6e_JaffaCakes118

General

Target

f78dd3d6efdc55408225c7daa6dd6a6e_JaffaCakes118
Size

210KB
MD5

f78dd3d6efdc55408225c7daa6dd6a6e
SHA1

2e8ad1f85244d9ca46ef61a6720fa3511a8acdd1
SHA256

0d412e9beaea65f5e2a52cfeb861b1f488b7e75170af08b9381de2e6bc0406dd
SHA512

988083c5dcadf0f590b0dac7394ca31a76c77e668c480d22236d9359d8a880a0bdbcaa17d1fedb3a5d783a2ca4baf7843fe4bdb4aa95b936cd81690ce07eb3d5
SSDEEP

3072:Ek56syXNyFeOoi0Mp42t+Xy8oGKi3cm0NxS3tWq:J56syXseOoJXnKiMm0bSA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f78dd3d6efdc55408225c7daa6dd6a6e_JaffaCakes118

Files

f78dd3d6efdc55408225c7daa6dd6a6e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

51bac45a803464f06d00dbf1c0a57509

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
Sleep
lstrlenA
lstrcpynA
ExitProcess
CloseHandle
ReleaseMutex
OpenMutexA
WaitForSingleObject
GetModuleFileNameA
GetModuleHandleA
GetLastError
GetWindowsDirectoryA
GetTickCount
GetSystemInfo
lstrcpyA
GetSystemDefaultLangID
SetLastError
LocalAlloc
LocalFree
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalFree
GlobalUnlock
GlobalHandle
LeaveCriticalSection
GlobalLock
GlobalReAlloc
GlobalAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
InterlockedDecrement
GetVersion
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
GetCurrentThreadId
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
lstrcatA
FreeLibrary
GetProcessVersion
lstrcmpA
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentProcess
LoadLibraryA
RtlUnwind
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapFree
RaiseException
ExitThread
HeapSize
HeapReAlloc
TerminateProcess
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
InterlockedExchange
WriteFile
GetProcAddress
CreateProcessA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

iphlpapi

GetAdaptersInfo
GetIfTable

comctl32

ord17

shlwapi

SHDeleteKeyA

msvcrt

free
strncmp
exit
sprintf
strstr
strcspn
strncpy
atoi
realloc
malloc

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

51bac45a803464f06d00dbf1c0a57509

Headers

File Characteristics

Imports

kernel32

winspool.drv

iphlpapi

comctl32

shlwapi

msvcrt

Sections

.text Size: 111KB - Virtual size: 111KB

.rsrc Size: 98KB - Virtual size: 97KB

.text
Size: 111KB - Virtual size: 111KB

.rsrc
Size: 98KB - Virtual size: 97KB