2b0d23d512baefac686ce7a2e3d22f23_JaffaCakes118

General

Target

2b0d23d512baefac686ce7a2e3d22f23_JaffaCakes118
Size

307KB
MD5

2b0d23d512baefac686ce7a2e3d22f23
SHA1

ad27be40a10ff970a696b89ee7e48356323ea738
SHA256

ec55efec2b2bf0c843fcb912b6232d9f5137c07cb4814adbb7bf5bc0b20a861e
SHA512

03bc6e5de43bf0e8ee2d5f310aa4633995cc5cc6319c7484893c69d9444782fd423abe139389dfc8ae0740a0adb03cf60c56d7f4fed5f38e3eb0a08c54492365
SSDEEP

6144:elv8Cmu64pJxhvddCH0wGq7CvuzzIOs2JWqZpi8c8mGGVSWoP7s1uM:elkCf64DxhV7wGbkW4RwrozsIM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b0d23d512baefac686ce7a2e3d22f23_JaffaCakes118

Files

2b0d23d512baefac686ce7a2e3d22f23_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f511bb7e82bf84fcabdd77815af18ad6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetLastError
LoadLibraryExA
ExitProcess
ExitThread
IsBadHugeReadPtr
VirtualAlloc
GetProcAddress
GetCommandLineW
GetModuleHandleW
GetModuleHandleA

ole32

CoCreateGuid
ReleaseStgMedium
StringFromIID

user32

PtInRect
ReleaseDC
RedrawWindow
RemovePropA
RegisterClassA
SendMessageA
RegisterWindowMessageA
PeekMessageA
LoadKeyboardLayoutA
SendMessageW
MapVirtualKeyA
ReleaseCapture
ScrollWindow
RegisterClipboardFormatA
LoadBitmapA
OpenClipboard
MessageBoxA
MapWindowPoints
ScreenToClient
RemoveMenu
PeekMessageW
LoadCursorA
PostQuitMessage
LoadIconA
MessageBeep
OffsetRect
SetActiveWindow
PostMessageA
OemToCharA
LoadStringA

Sections

CODE
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 238KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 1024B - Virtual size: 690B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f511bb7e82bf84fcabdd77815af18ad6

Headers

File Characteristics

Imports

kernel32

ole32

user32

Sections

CODE Size: 53KB - Virtual size: 52KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 238KB - Virtual size: 238KB

.bdata Size: 1KB - Virtual size: 1KB

DATA Size: 8KB - Virtual size: 8KB

.cdata Size: 1024B - Virtual size: 690B

.rsrc Size: 1024B - Virtual size: 836B

CODE
Size: 53KB - Virtual size: 52KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 238KB - Virtual size: 238KB

.bdata
Size: 1KB - Virtual size: 1KB

DATA
Size: 8KB - Virtual size: 8KB

.cdata
Size: 1024B - Virtual size: 690B

.rsrc
Size: 1024B - Virtual size: 836B