23aeb23d058c871a18f586aaf31eb13c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

23aeb23d058c871a18f586aaf31eb13c_JaffaCakes118
Size

89KB
MD5

23aeb23d058c871a18f586aaf31eb13c
SHA1

d2d46a23114f5cbabf63495eb01828f390b4d0a1
SHA256

181539e2d74344a37d660954a1092bb04b0a5f39e09a76d3e9fc004e75274c17
SHA512

d0b4aa92a5a085692727e8b2c17c6c26749498a394b32289c823cf5eecc34aac59dc64c80760e95c7842b11033c428cc47c69174d0f8c5d86d5a7e652d039d8f
SSDEEP

1536:dYVlYtr+XPNs9g/1kq24DfmsokzIZMGtixwMmkEBlMbboG:deS+fNsuNkmloc378TBKbboG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23aeb23d058c871a18f586aaf31eb13c_JaffaCakes118

Files

23aeb23d058c871a18f586aaf31eb13c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45814d7eedbbe227782018300788455b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetVersion
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
TlsAlloc
GetOEMCP
GetACP
GetCPInfo
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
GetFileSize
CloseHandle
GetModuleHandleA
DeviceIoControl
FindResourceW
LoadResource
HeapAlloc
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
GetStringTypeW

user32

UpdateWindow
ShowWindow
CreateWindowExA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadIconW
LoadIconA
RegisterClassExA
GetClientRect
wsprintfA
LoadStringA
DefWindowProcA
FindWindowA
MessageBoxA
DestroyWindow
BeginPaint
EndPaint

gdi32

CreateBitmap
TextOutA

advapi32

RegCloseKey

ole32

CoTaskMemAlloc
CoUninitialize

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CODEA
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 263B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45814d7eedbbe227782018300788455b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

Sections

.text Size: 18KB - Virtual size: 18KB

.CODEA Size: 51KB - Virtual size: 50KB

.tls Size: 512B - Virtual size: 263B

.data Size: 10KB - Virtual size: 9KB

.tls Size: 512B - Virtual size: 20B

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 18KB - Virtual size: 18KB

.CODEA
Size: 51KB - Virtual size: 50KB

.tls
Size: 512B - Virtual size: 263B

.data
Size: 10KB - Virtual size: 9KB

.tls
Size: 512B - Virtual size: 20B

.rsrc
Size: 7KB - Virtual size: 7KB