07163284db97c2bafe5ae1a7ff0d9513_JaffaCakes118

General

Target

07163284db97c2bafe5ae1a7ff0d9513_JaffaCakes118
Size

222KB
MD5

07163284db97c2bafe5ae1a7ff0d9513
SHA1

e6ed13ce04ea9bb701fb4e4e880382d6f2d21525
SHA256

ec0188e43ba9099da217088e3326ceec3cafe8e644d7822d66d9215a94e56adf
SHA512

f91a4c9a650ef2b6ec627d9f3f9335f71a457a3e25911ab7481bfddc3357f37a1fa84441c8aa059baaaa00054743d2f0745de12b66d3f11cee6d4652e1e52d8c
SSDEEP

3072:RZhGf9xvKWNHK3w4nm7jNGN1rd1NbE9z9a5ARjBSbZvoLstjHhgCL3mjj:tgTfA3wvA1q9RaGVB/YX8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07163284db97c2bafe5ae1a7ff0d9513_JaffaCakes118

Files

07163284db97c2bafe5ae1a7ff0d9513_JaffaCakes118
.exe windows:5 windows x86 arch:x86

eef63819f0bfcca191690726370f39de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
GetLastError
SetLastError
VirtualAlloc
GetCurrentThreadId
LocalFree
GetModuleHandleW
CloseHandle
CreateFileW
FlushFileBuffers
WriteConsoleW
SetStdHandle
HeapReAlloc
Sleep
LoadLibraryW
GetStringTypeW
LCMapStringW
GetConsoleMode
GetConsoleCP
SetFilePointer
IsProcessorFeaturePresent
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetTickCount
InterlockedDecrement
InterlockedIncrement
HeapAlloc
GetStdHandle
WriteFile
ExitProcess
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapFree
RtlUnwind
EncodePointer
DecodePointer
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
EnterCriticalSection
GetProcAddress

user32

GetIconInfo
GetDC
GetForegroundWindow
ReleaseDC
DefWindowProcA
IsWindow
GetSystemMetrics

gdi32

StretchBlt
DeleteObject
CreateCompatibleDC

oleaut32

VariantClear

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eef63819f0bfcca191690726370f39de

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

oleaut32

Sections

.text Size: 38KB - Virtual size: 38KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 164KB - Virtual size: 171KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 38KB - Virtual size: 38KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 164KB - Virtual size: 171KB

.rsrc
Size: 7KB - Virtual size: 6KB