fe0e485fe43db374b822c65a23374ed3_JaffaCakes118

General

Target

fe0e485fe43db374b822c65a23374ed3_JaffaCakes118
Size

3.4MB
MD5

fe0e485fe43db374b822c65a23374ed3
SHA1

d99ce8b9d94bb8b6ec605862be1f92b6db35a9ef
SHA256

5007b414af5786cc24fc5733b70827d41a93d3ed4ab7fc8a7adfad566b51e7f3
SHA512

a393f8d8446dc13c4c7e14d9787807eef23844b2cbe25238a0fbd68f5256e6e08b731038768e66c41112166e344feaa4b81d34aab5f8ee7bd66a574d5c6ca9f4
SSDEEP

49152:96h8c1YK3TzpP5Nuk47DPb8lI/FjBobdv4luEJ//4AVKW2hmADdAbQTC5C8+9hs5:QtcRj8lIgBQlfd4AVF2dcQTC5N+ger

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe0e485fe43db374b822c65a23374ed3_JaffaCakes118

Files

fe0e485fe43db374b822c65a23374ed3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c4de860e5661a003a7e19fa8d7696265

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
TerminateProcess
Sleep
GetTickCount
HeapFree
EnterCriticalSection
WriteFile
GetProcessHeap
CreateFileW
GetModuleFileNameW
GetStartupInfoW
IsDebuggerPresent
FindClose
ReadFile
FormatMessageW
GetFileType
TlsGetValue
GetModuleHandleA
InitializeCriticalSection
HeapReAlloc
HeapSetInformation
HeapSize
LoadLibraryW
GetCPInfo
TlsFree
SetFilePointer
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
FindNextFileW
IsValidCodePage
DeleteFileW
GetConsoleCP
GetCommandLineA
DecodePointer
SetEndOfFile
CreateFileA
EncodePointer
VirtualFree
GetExitCodeProcess
ExpandEnvironmentStringsW

user32

LoadStringW
DispatchMessageW
MessageBoxW
PostQuitMessage
SetWindowLongW
GetWindowLongW
GetMessageW
GetDlgItem
GetDC
EnableWindow
LoadCursorW
GetParent
EndDialog
SetWindowTextW
SetTimer
SetFocus
SetForegroundWindow
EndPaint
ScreenToClient
KillTimer
InvalidateRect
RegisterClassW
EnableMenuItem
GetWindowTextW
UpdateWindow
GetKeyState
MessageBoxA
CharUpperW

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c4de860e5661a003a7e19fa8d7696265

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: - Virtual size: 612KB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.idata Size: 2KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB

.data
Size: - Virtual size: 612KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB

.idata
Size: 2KB - Virtual size: 1KB