fe092daa6328b320c8529121d9795f93_JaffaCakes118

General

Target

fe092daa6328b320c8529121d9795f93_JaffaCakes118
Size

3.0MB
MD5

fe092daa6328b320c8529121d9795f93
SHA1

c3aecb0ccc5be62f2353be297e307660dd2f56b9
SHA256

2a998a20e5881810bbda722bf42b63048798ccb6f9dbaaf962a47696b7c1870c
SHA512

1fc438d44e2cce1f135cf341b3d7fc38580ec831e6891eced877d1199e954d28d35304ea2e10b775760b376c0cbe257c5c5a7dcc61766ba0d0da8973d6f8b983
SSDEEP

49152:ZwStmRl8N8xgSfSQSfSaa9Y84GlXxTnhZWfzaz6zmFaYBn+mSR:ZwStmI8xgSfNSfqYQZnSfmVgAk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe092daa6328b320c8529121d9795f93_JaffaCakes118

Files

fe092daa6328b320c8529121d9795f93_JaffaCakes118
.exe windows:4 windows x86 arch:x86

73ec795c6c369c6ce2c3b4c3f6477daa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcatA
InitializeCriticalSection
GetProcAddress
LocalFree
RaiseException
LocalAlloc
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
DuplicateHandle
GetShortPathNameA
ResumeThread
WriteProcessMemory
GetPrivateProfileSectionA
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW

user32

DefWindowProcA
AdjustWindowRectEx

Sections

0
Size: 597KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 27KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 408KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

4
Size: 46KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6
Size: 7KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 408KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73ec795c6c369c6ce2c3b4c3f6477daa

Headers

File Characteristics

Imports

kernel32

user32

Sections

0 Size: 597KB - Virtual size: 1.5MB

1 Size: 27KB - Virtual size: 40KB

2 Size: 5KB - Virtual size: 8KB

3 Size: 408KB - Virtual size: 412KB

4 Size: 46KB - Virtual size: 71KB

5 Size: 3KB - Virtual size: 3KB

6 Size: 7KB - Virtual size: 28KB

.rsrc Size: 408KB - Virtual size: 412KB

0
Size: 597KB - Virtual size: 1.5MB

1
Size: 27KB - Virtual size: 40KB

2
Size: 5KB - Virtual size: 8KB

3
Size: 408KB - Virtual size: 412KB

4
Size: 46KB - Virtual size: 71KB

5
Size: 3KB - Virtual size: 3KB

6
Size: 7KB - Virtual size: 28KB

.rsrc
Size: 408KB - Virtual size: 412KB