03f6950ecc7744730bf377e6f2738d30_JaffaCakes118

General

Target

03f6950ecc7744730bf377e6f2738d30_JaffaCakes118
Size

913KB
MD5

03f6950ecc7744730bf377e6f2738d30
SHA1

f05660f257111ca58cf8db39e3192047b5c320dd
SHA256

d5e5689bddd7fcd0d1181fb2cab806390eb27edb496b625226c2c8f3e7aa8a3d
SHA512

89ca7c2c84108fe35f60aa1c9028f528905631f248e0f3e2f0b3807e9e6f8579b2bdeacd01be2bfb78c0259b7620826389003b24e5002c58d51ae853f71511e0
SSDEEP

24576:d+DRlKReQ7ncsbOXRXizgnuLcs424uAu2iHy3Jpa:d+DjKRbrOhGcstiTsyK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03f6950ecc7744730bf377e6f2738d30_JaffaCakes118

Files

03f6950ecc7744730bf377e6f2738d30_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bb88250fd064e0d3d19d3a34ccbd0ccd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetVersion
GlobalLock
GlobalUnlock
GlobalFree
VirtualAlloc
HeapAlloc
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCurrentThreadId
GetLastError
GetFileType
FindClose
CloseHandle
GetSystemTimeAsFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FormatMessageW
TlsAlloc
TlsSetValue
TlsFree
CreateMutexW
LoadLibraryExW
CreateProcessW
GetStartupInfoW
GetCommandLineW
OutputDebugStringW
FindResourceExW
GetFullPathNameW
FindNextFileW
QueryPerformanceCounter
GetCPInfo
MultiByteToWideChar
WideCharToMultiByte
LCMapStringW
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcessHeap
GetStdHandle
DeleteCriticalSection
GetModuleFileNameW
WriteFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsGetValue
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
HeapFree
IsValidCodePage
GetACP
GetOEMCP
IsDebuggerPresent
IsProcessorFeaturePresent
RtlUnwind
HeapReAlloc
GetStringTypeW
HeapSize
CreateFileW

secur32

InitializeSecurityContextW

wininet

HttpSendRequestW
InternetOpenUrlW
InternetConnectW
HttpQueryInfoW
InternetSetOptionW
HttpOpenRequestW

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 748KB - Virtual size: 748KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb88250fd064e0d3d19d3a34ccbd0ccd

Headers

File Characteristics

Imports

kernel32

secur32

wininet

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 748KB - Virtual size: 748KB

.data Size: 8KB - Virtual size: 7.4MB

.rsrc Size: 99KB - Virtual size: 98KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 748KB - Virtual size: 748KB

.data
Size: 8KB - Virtual size: 7.4MB

.rsrc
Size: 99KB - Virtual size: 98KB