353256354c4d19b838557780b676b4aa_JaffaCakes118

General

Target

353256354c4d19b838557780b676b4aa_JaffaCakes118
Size

467KB
MD5

353256354c4d19b838557780b676b4aa
SHA1

26ceac6ee1f757f4860820c4a2a4a38b1aa8c418
SHA256

5567e05935a2e064686abf9ed0383a20666f0a2383a9edd1d44f031bdc3b4e52
SHA512

921f63291447cb138942c2c74432f4df45151bf46abfd4a3854c0cfcbfac36a81db43a7202e87075f1f9d620cc098c77df30c7f21dd4bcb13c78011332eb5f91
SSDEEP

12288:c5aB38cLdKmsA6166rrIykP4iG4lR0EjfM7y:x6A6166Yt4wlR0EwO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
353256354c4d19b838557780b676b4aa_JaffaCakes118

Files

353256354c4d19b838557780b676b4aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea4556226d86b6709dd8399325aecf47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
SetHandleCount
TlsFree
GetDiskFreeSpaceW
GetProcAddress
TlsGetValue
HeapReAlloc
UnhandledExceptionFilter
LoadLibraryExW
GetVersion
GetCurrentProcessId
HeapAlloc
WaitForSingleObjectEx
GetCurrentThread
HeapCreate
GetModuleHandleA
TlsSetValue
WritePrivateProfileStringW
GetConsoleTitleA
InterlockedExchange
GetFileType
LCMapStringW
ExpandEnvironmentStringsA
LCMapStringA
VirtualFree
FindFirstFileW
GetStringTypeA
GetThreadTimes
EnumResourceLanguagesA
ExitProcess
GetTickCount
GetStdHandle
LeaveCriticalSection
HeapFree
FreeEnvironmentStringsW
GetModuleFileNameA
InitializeCriticalSection
LoadLibraryA
QueryPerformanceCounter
FreeEnvironmentStringsA
VirtualAlloc
GetPrivateProfileSectionNamesW
CreateNamedPipeA
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetACP
GetEnvironmentStrings
GetOEMCP
GetStringTypeW
HeapLock
TlsAlloc
DeleteCriticalSection
GetSystemTimeAsFileTime
GetCPInfo
GetUserDefaultLangID
CreatePipe
GetCommandLineA
GetEnvironmentStringsW
FindResourceW
WriteFile
WideCharToMultiByte
IsBadWritePtr
SetLastError
GetLastError
EnterCriticalSection
FindResourceA
MultiByteToWideChar
VirtualProtectEx
GetStartupInfoA
WaitForDebugEvent

gdi32

CopyMetaFileW

Sections

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea4556226d86b6709dd8399325aecf47

Headers

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 188KB - Virtual size: 188KB

.data Size: 272KB - Virtual size: 272KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 188KB - Virtual size: 188KB

.data
Size: 272KB - Virtual size: 272KB

.rsrc
Size: 5KB - Virtual size: 5KB