2f6630b56f734afaad19444c21fee0c8_JaffaCakes118

General

Target

2f6630b56f734afaad19444c21fee0c8_JaffaCakes118
Size

206KB
MD5

2f6630b56f734afaad19444c21fee0c8
SHA1

3315670e27f080bb2dd5717b049ecb5ed119e7a1
SHA256

74e2b1396b7e007ca4a477918d8de8c1295ff7f9557096588159d711e0384480
SHA512

6e797ab0688f08ea6c175c38c67dc7323ce1f430f8956331b9cb35d954b487fc9babd5665bf638c21be5b43d6339388aed291d3adf0842abe8c127f28412bf5c
SSDEEP

3072:1N6xjw2wrWnNnIzGtoTdjROh6BTINquh2ZX3ns52+Dn:Cxjw21nNnIzGtoYw0NHwS2s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f6630b56f734afaad19444c21fee0c8_JaffaCakes118

Files

2f6630b56f734afaad19444c21fee0c8_JaffaCakes118
.exe windows:1 windows x86 arch:x86

f661490a72f2ccd08ed6766958ce935a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
GetStartupInfoA
FindClose
WaitForSingleObject
GetSystemDirectoryA
MapViewOfFile
MulDiv
GetModuleHandleA
GetCurrentProcessId
GetTickCount
InterlockedDecrement
GlobalAddAtomW
GetVersion

user32

SetWindowLongA
GetPropA
TranslateMessage
EndDeferWindowPos
DeferWindowPos
GetWindowTextA
wsprintfA
GetClientRect
EnableWindow
RemoveMenu
DestroyIcon
FindWindowA
GetDesktopWindow
UnionRect
ReleaseCapture
LoadIconA
GetWindowRect
GetMenuItemID
CheckDlgButton

msvcrt

_XcptFilter
_except_handler3
_vsnwprintf
__setusermatherr
strtol
_exit
exit
_expand
_mbctoupper
__getmainargs
__p__commode
_adjust_fdiv
_acmdln
_chdrive
_controlfp
strftime
_strdate
__set_app_type
_cwprintf
_initterm
memmove
rand
memcpy
__p__fmode
_fpieee_flt

gdi32

CreateRectRgnIndirect
EndDoc
CreateSolidBrush
BitBlt
GetBkMode
SetBkMode
LineTo
StartPage
EndPage
SetTextAlign
ExtTextOutA

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f661490a72f2ccd08ed6766958ce935a

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

gdi32

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 192KB

.rsrc Size: 184KB - Virtual size: 184KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 192KB

.rsrc
Size: 184KB - Virtual size: 184KB