33ced80562511b826e17d7f22382c829_JaffaCakes118

General

Target

33ced80562511b826e17d7f22382c829_JaffaCakes118
Size

74KB
MD5

33ced80562511b826e17d7f22382c829
SHA1

38f623c08c9757ac893d69a7d2d39c72a949ae96
SHA256

51263237ced018351bcbedf189dbc30cae8d93d8b8138f94d32616d13585dd30
SHA512

b7bfb42b2e61cc121944d265c49f2de34397d80c71bee32f4ce3ae4eec84ebd78f7e52de9be65e41fd5bd4f78d2c79b28b8639c84f6d5ad738519e99f1a71385
SSDEEP

1536:GPdgrvacTdlZ2WiqMdMEunaP76SLON0thvP669Yoa52jZiRxD:Edg+UBiqMbune7RNBegm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33ced80562511b826e17d7f22382c829_JaffaCakes118

Files

33ced80562511b826e17d7f22382c829_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1b9ac18679b00e8e12ec0cd485b24d84

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
InterlockedExchange
CloseHandle
GetProcessWorkingSetSize
MapViewOfFileEx
GetModuleHandleW
GetLastError
ExitProcess
GetModuleHandleA
GetLongPathNameW
CreateDirectoryExA
GetSystemDefaultLCID
GetPrivateProfileStructW
VirtualAlloc
FindNextVolumeA
GetVolumePathNameA
FreeEnvironmentStringsA
OpenMutexA
GetLongPathNameA
SwitchToThread
GetProcessVersion
LeaveCriticalSection
FileTimeToSystemTime
OpenJobObjectW
GetFileAttributesA
GetProfileIntW

msvcrt

vswprintf
_hypot
__wgetmainargs
_lock
_wcsnicoll
??_7bad_typeid@@6B@
??8type_info@@QBEHABV0@@Z
_wfopen
_wcsdup
__setlc_active
_mbsbtype
towlower
_rmdir
__argv

user32

EqualRect
DefWindowProcW
PostQuitMessage
GetWindowTextW
InvalidateRect
PrivateExtractIconsA
GetSystemMetrics
LoadStringA
AdjustWindowRectEx
CheckMenuRadioItem

Exports

Exports

JdzvpPmhyzQaswno
IaGrgghOltfgXrexgZut
EsIyquwdtLhahinjSvnsyozKgw
GiIhhbbp

Sections

.text
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 34B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b9ac18679b00e8e12ec0cd485b24d84

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 984B

.rdata Size: 2KB - Virtual size: 1KB

.tls Size: 2KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 62KB - Virtual size: 62KB

.reloc Size: 512B - Virtual size: 34B

.text
Size: 1024B - Virtual size: 984B

.rdata
Size: 2KB - Virtual size: 1KB

.tls
Size: 2KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 62KB - Virtual size: 62KB

.reloc
Size: 512B - Virtual size: 34B