2c5cc3fc564c249b57038e5ae4bad3ed_JaffaCakes118

General

Target

2c5cc3fc564c249b57038e5ae4bad3ed_JaffaCakes118
Size

184KB
MD5

2c5cc3fc564c249b57038e5ae4bad3ed
SHA1

d311c03844c198a9a718fc4f4ed94fad8696467a
SHA256

c55f6a2926059df512fc63578322ec70a866cb2c3cb50569c2a410869fdf9b23
SHA512

f143809c22ce6781541c729af2f0deb43db8270ff089c70c2160438ac2bc5af5adba1fd6db795809a9d8e1e548aabdb2259a0de1b222745171fd646d8dff4ef8
SSDEEP

3072:K/VQ8lc0SVBrQ1HfzjsvGSJWAqiwfdIW5Ky0hbJ3WCRH3Z:Y4V21/E9NNWgy0hblh3Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c5cc3fc564c249b57038e5ae4bad3ed_JaffaCakes118

Files

2c5cc3fc564c249b57038e5ae4bad3ed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4fdc6b49257b303727593af70266a06d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
LoadLibraryA
GetEnvironmentStrings
VirtualAlloc
VirtualProtect
GetProcAddress
GetModuleHandleA
GetCommandLineA
Sleep
CreateTimerQueue
HeapFree
GlobalFree
GetLastError
SuspendThread
VirtualFreeEx
GetTickCount
HeapCompact
VirtualQuery
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
HeapSize
InterlockedExchange
RtlUnwind
GetCPInfo
GetOEMCP
GetACP
ResetEvent
GlobalLock
HeapReAlloc
HeapAlloc
GetStartupInfoA
GetVersionExA
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
GetSystemInfo

user32

PostQuitMessage
GetDesktopWindow
GetDC
ShowWindow
IsIconic
GetCursorPos
SetCursorPos
GetClientRect
GetWindowRect
GetLastActivePopup

shell32

DuplicateIcon

msvfw32

DrawDibStop
ICCompressorFree
DrawDibEnd

avifil32

AVIFileInit

shlwapi

StrStrA

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4fdc6b49257b303727593af70266a06d

Headers

File Characteristics

Imports

kernel32

user32

shell32

msvfw32

avifil32

shlwapi

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 144KB - Virtual size: 230KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 144KB - Virtual size: 230KB