f85da8a694f0d45a71801dd4799b676c_JaffaCakes118

General

Target

f85da8a694f0d45a71801dd4799b676c_JaffaCakes118
Size

3.4MB
MD5

f85da8a694f0d45a71801dd4799b676c
SHA1

cf3f398e6157ba54698133d439ad529b22d4977d
SHA256

e91c2c71e5fc88b449107fbca1a8c55e15a5abcfe448036dff30fbbd418cc0c9
SHA512

13a454d605987516ede70e4bca65f3b3cfd192d58f65fa1190732813556f7a314da0244f1492abaf86db9756502285f42fe51b87533c56c7292d719d7ad28957
SSDEEP

98304:oTsVcM0iyG8gPOwuSScTVEaez+7Gm364:odM0iyGfPOwOyVEae63

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f85da8a694f0d45a71801dd4799b676c_JaffaCakes118

Files

f85da8a694f0d45a71801dd4799b676c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

095d9d7039aae41e48ebaa0f80d1d2a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleW
QueryPerformanceCounter
Sleep
GetTickCount
MultiByteToWideChar
SetLastError
HeapFree
HeapAlloc
DeleteCriticalSection
EnterCriticalSection
WriteFile
GetModuleFileNameW
IsDebuggerPresent
GetCommandLineW
SetEvent
FormatMessageW
GetFileType
TlsGetValue
GetConsoleMode
TlsSetValue
HeapSize
CreateThread
SetFilePointer
GetStringTypeW
RtlUnwind
IsProcessorFeaturePresent
FindFirstFileW
VirtualAlloc
GetConsoleCP
ResetEvent
ReleaseMutex
CreateFileA
GetFileSize
EncodePointer
lstrlenW
GetFullPathNameW
LoadResource
UnmapViewOfFile
GetExitCodeProcess
CreateProcessW

user32

ShowWindow
DestroyWindow
MessageBoxW
CreateWindowExW
SetWindowLongW
GetWindowLongW
GetMessageW
GetDlgItem
GetSystemMetrics
PostMessageW
GetClientRect
SetWindowPos
EnableWindow
LoadCursorW
GetParent
SetWindowTextW
LoadIconW
GetSysColor
InvalidateRect
RegisterClassW
GetWindowTextW
MessageBoxA

Sections

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

095d9d7039aae41e48ebaa0f80d1d2a2

Headers

File Characteristics

Imports

kernel32

user32

Sections

.rdata Size: 3.4MB - Virtual size: 3.4MB

.data Size: - Virtual size: 612KB

.text Size: 6KB - Virtual size: 6KB

.idata Size: 2KB - Virtual size: 1KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.data
Size: - Virtual size: 612KB

.text
Size: 6KB - Virtual size: 6KB

.idata
Size: 2KB - Virtual size: 1KB