4f2e392e082c40e1bf5b7036a1c45c70_JaffaCakes118

General

Target

4f2e392e082c40e1bf5b7036a1c45c70_JaffaCakes118
Size

267KB
MD5

4f2e392e082c40e1bf5b7036a1c45c70
SHA1

6564c53ce19e20c6ad322b40ac9b402417270cb1
SHA256

ee2aa4b9874b87bbef85d2e020848c8281efdf2cf7046a711693f6e062218c60
SHA512

b6c25e8f202c7759f561f91ed7dcf8831f129d7a73315a0a1ef91a79101bfe479929a049f5a59fd483f17dee8837356aedb49811b53bd8b955e11bd8564d5a28
SSDEEP

3072:9eayCoz/CCRi36tghW0TsMSIXRVrY8/r9Ua8bBU:9bwCCRiKCg0TjBxYeRUnBU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f2e392e082c40e1bf5b7036a1c45c70_JaffaCakes118

Files

4f2e392e082c40e1bf5b7036a1c45c70_JaffaCakes118
.exe windows:4 windows x86 arch:x86

99fbe24a714b2f505b24cb382d971998

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
VirtualAlloc
Sleep
FindClose
SuspendThread
ResumeThread
CreateDirectoryA
GetEnvironmentStringsW
InterlockedExchange
SetFileAttributesW
ExitProcess
GetProcessHeap
GetWindowsDirectoryW
InterlockedIncrement
CloseHandle
LCMapStringW
LCMapStringA
SetFilePointer
FlushFileBuffers
ReadFile
GetLastError
GetLongPathNameW
TerminateThread
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetProcAddress
GetOEMCP
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapReAlloc
HeapAlloc
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
MultiByteToWideChar
GetCPInfo
GetACP
SetStdHandle

user32

MoveWindow
SwitchDesktop
ReleaseDC
ShowWindow
MessageBoxA
GetWindowTextW

gdi32

SelectObject

oleaut32

SysAllocString
SysFreeString

winscard

SCardReconnect

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 656KB - Virtual size: 658KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99fbe24a714b2f505b24cb382d971998

Headers

File Characteristics

Imports

kernel32

user32

gdi32

oleaut32

winscard

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 656KB - Virtual size: 658KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 656KB - Virtual size: 658KB

.rsrc
Size: 24KB - Virtual size: 23KB