22c6bfeab5cc1a36456862038b522bc4_JaffaCakes118

General

Target

22c6bfeab5cc1a36456862038b522bc4_JaffaCakes118
Size

444KB
MD5

22c6bfeab5cc1a36456862038b522bc4
SHA1

1cf4425b809c09b75fd0cefd331c52533ff0d56b
SHA256

9008a5fd2d2d148063aec4f23763366be8a49799ed6493832e7fa03c8eed2850
SHA512

36f7b77197daae0a8f89ceef570a1cbafff2e713f23846fed8248afaae4e305b7de4feecd8f7548a662e790115ad937a8ec3e4b3d844ae588822997b136c7487
SSDEEP

6144:OHQpAusiXXAfw3BiqPOd1nBpOwQrMioTzu8AobGF0ev3lpB0YC4E8U:KQpJFH08ODnLOIioTzxdbGK0SYF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22c6bfeab5cc1a36456862038b522bc4_JaffaCakes118

Files

22c6bfeab5cc1a36456862038b522bc4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4fcf3e7f12e78c4614a5b6e58715f17b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsWindow
SendMessageA
SetCursor
GetClientRect

kernel32

FreeLibrary
MulDiv
WriteConsoleW
LeaveCriticalSection
GetCurrentThreadId
SetEndOfFile
SetLastError
CreateEventA
GlobalAlloc
CreateFileW
LoadResource
GetTimeZoneInformation
SetEvent
GetVersion
GetACP
GetSystemTimeAsFileTime
CloseHandle
WriteFile
SetUnhandledExceptionFilter
FindFirstFileA
GetModuleHandleA
GetStringTypeA
MapViewOfFile
WideCharToMultiByte
GetProcessHeap
TlsFree
GetProcAddress
DeleteFileW
SetHandleCount
HeapSize
MultiByteToWideChar
DeleteFileA
GetCurrentProcessId
GetConsoleMode
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileAttributesW
LoadLibraryA
GetVersionExA
GetEnvironmentStringsW
GlobalUnlock
TlsAlloc
HeapAlloc
IsDebuggerPresent
LCMapStringA
WaitForSingleObject
lstrlenA
UnmapViewOfFile
HeapFree
VirtualAlloc
ExitProcess
GetStartupInfoA
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsW
GetStdHandle
GetFileType
TlsSetValue
TlsGetValue
GetLastError
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
EnterCriticalSection
GetCPInfo
GetOEMCP
HeapReAlloc
GetStringTypeW
LCMapStringW

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 380KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4fcf3e7f12e78c4614a5b6e58715f17b

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 380KB - Virtual size: 377KB

.data Size: 24KB - Virtual size: 23KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 380KB - Virtual size: 377KB

.data
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 4KB - Virtual size: 2KB