75458af837cc90e461bdae3d608a18ab_JaffaCakes118

General

Target

75458af837cc90e461bdae3d608a18ab_JaffaCakes118
Size

3.3MB
MD5

75458af837cc90e461bdae3d608a18ab
SHA1

ece605195e95d37efa3465863709cd27d75d021c
SHA256

e8f09de42baf0097d76ab292c7406130768a0a931ff4a3cc86921eaa819300a1
SHA512

2c8b867868e0b7fd5bf3cf1b35355014c8cb47334357e0b998820865ec2b2815cb66a722c8d46ef4173a07326001b95c244050abdaac98e0cb2a280038d08469
SSDEEP

98304:uXWh2W0kVFOHpEVeOvcLrP9DGFSpSGC/BUTUHviBs:uozz6PtVwGyBGGK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75458af837cc90e461bdae3d608a18ab_JaffaCakes118

Files

75458af837cc90e461bdae3d608a18ab_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9669b771361398a8e6abaf0e9b87f64a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DispatchMessageA
DefWindowProcA
PeekMessageA
CreateWindowExA
TranslateMessage
MsgWaitForMultipleObjects
RegisterClassExA

kernel32

GetLastError
CreateThread
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
OutputDebugStringA
GetTempPathA
VirtualFree
VirtualQueryEx
OpenProcess
Thread32First
Thread32Next
SetLastError
VirtualAlloc
VirtualAllocEx
OpenThread
CreateToolhelp32Snapshot
GetVersionExA
CloseHandle
WriteProcessMemory
SuspendThread
ResumeThread
HeapAlloc
HeapFree
GetProcessHeap
IsBadReadPtr
VirtualProtect
WaitForSingleObject
CreateMutexA
GetCurrentThreadId
ReleaseMutex
CreateRemoteThread
GetCommandLineA
GetStartupInfoA
MultiByteToWideChar
WideCharToMultiByte
HeapReAlloc
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
RtlUnwind
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
FlushFileBuffers
HeapSize
SetEndOfFile
ReadFile

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9669b771361398a8e6abaf0e9b87f64a

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 3.1MB - Virtual size: 3.1MB

.data Size: 70KB - Virtual size: 76KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 3.1MB - Virtual size: 3.1MB

.data
Size: 70KB - Virtual size: 76KB