2d123c1438f4916b7214ea0fe352c26b_JaffaCakes118

General

Target

2d123c1438f4916b7214ea0fe352c26b_JaffaCakes118
Size

31KB
MD5

2d123c1438f4916b7214ea0fe352c26b
SHA1

5f8da545e7ad26538d29a58ddeecbb731a0186c9
SHA256

ce614a54031aecfda753a91b8f76ac2f6dd1cfc207e670a5a8719deba7f8176e
SHA512

e95dff5674ab4dd3e36676b339571f6246cde20a9c8dcf0b744da79dc13722278756cd8fc9f394097da4079b03329e1d5800fc75a24fc224cfc4407947ddbbc0
SSDEEP

384:mSOA0iRb/8jYbvuYLZbs9TbMRQ6Yz7prJ2ozr9+mqiV08gPJwrgq:mSt0aBt924YBrJ2ozNRV3ghwrg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d123c1438f4916b7214ea0fe352c26b_JaffaCakes118

Files

2d123c1438f4916b7214ea0fe352c26b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4444f9f87d85284c9ce6e47b91bd7044

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
GetStdHandle
CloseHandle
GetExitCodeProcess
TerminateProcess
FreeEnvironmentStringsA
MultiByteToWideChar
SetStdHandle
LoadLibraryA
FlushFileBuffers
VirtualAlloc
GetStringTypeW
GetProcAddress
LCMapStringW
LCMapStringA
GetStringTypeA
HeapFree
SetFilePointer
HeapAlloc
RtlUnwind
VirtualFree
WriteFile
HeapDestroy
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetLastError
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
GetFileType
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount

user32

MoveWindow
GetWindowRect
SetWindowTextA
DefWindowProcA
SetActiveWindow
RegisterClassExA
PostMessageA
LoadCursorA
UpdateWindow
CreateWindowExA
ShowWindow
DispatchMessageA
GetMessageA
TranslateMessage
GetDesktopWindow
MessageBoxA
PostQuitMessage

gdi32

GetStockObject

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 8KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4444f9f87d85284c9ce6e47b91bd7044

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 10KB - Virtual size: 8KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 10KB - Virtual size: 8KB