1b3140acb2347de7ab9c26fc63334e13_JaffaCakes118

General

Target

1b3140acb2347de7ab9c26fc63334e13_JaffaCakes118
Size

410KB
MD5

1b3140acb2347de7ab9c26fc63334e13
SHA1

623a4e6868a4c48ba5c5487ba9ae63362f5d6111
SHA256

a8342cd6ad95da1796609cbc123646635e5582cfeb88587e432f02e1c62779fd
SHA512

df671c930b536c1624b9b5f00c9bd8323f22c328c19e91c9f2135ef0f825ead8ddb0157cc1b2001a92c8d03ae9cf022d0d905e1b08276286d1fc94eb48a3cc4b
SSDEEP

6144:w6iY4VH9bd1fJSTkVtohjSlaFwNx14clq+vkc0KATzANMnLVqTIT32uzj6HQgdE:gJJ9bVSTXhKNocQ+vkcoTwk6M2ddE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b3140acb2347de7ab9c26fc63334e13_JaffaCakes118

Files

1b3140acb2347de7ab9c26fc63334e13_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a92e595f881928805b5fa55148aa7ed9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateToolhelp32Snapshot
TerminateProcess
LeaveCriticalSection
WaitCommEvent
GetProcAddress
FlushInstructionCache
HeapReAlloc
GetEnvironmentStringsA
WritePrivateProfileStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapAlloc
LocalLock
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleA
GetFileTime
ReadConsoleOutputCharacterW
IsValidLocale
InterlockedExchange
RtlUnwind
DeleteFileA
FillConsoleOutputCharacterA
WaitNamedPipeA
FileTimeToSystemTime
FillConsoleOutputCharacterW
GlobalHandle
CreateRemoteThread
VirtualUnlock
ExitProcess
GetTickCount
GetPrivateProfileStringW
GetProcAddress
HeapFree
CreateProcessA
GetModuleFileNameA
FindResourceW
LoadLibraryA
QueryPerformanceCounter
GetConsoleCP
VirtualAlloc
CreateFileW
CreateEventA
VirtualQuery

user32

CreateDesktopW
RegisterClipboardFormatA
RegisterWindowMessageA
EndPaint
ToAsciiEx
SetRectEmpty
DrawFocusRect
GetParent
ExitWindowsEx

Sections

.text
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a92e595f881928805b5fa55148aa7ed9

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 135KB - Virtual size: 134KB

.data Size: 264KB - Virtual size: 264KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 135KB - Virtual size: 134KB

.data
Size: 264KB - Virtual size: 264KB

.rsrc
Size: 10KB - Virtual size: 9KB