3989b343fe446621c6b2dc6d925889e4_JaffaCakes118

General

Target

3989b343fe446621c6b2dc6d925889e4_JaffaCakes118
Size

85KB
MD5

3989b343fe446621c6b2dc6d925889e4
SHA1

d57d872152b0476ef47f5fbbfba3167341313e93
SHA256

c3af8394de33ff4ce336ed982098f0d94d2c88446e83f90204e8d5ca96174c7d
SHA512

b628a3587c866937cab14f07feb200465556a7741018ee83e6ae0ee922b3d6d50877798fd704b4ee1cff14400a8c06225e36a8fb9615b6ae5e687bf0915a7528
SSDEEP

1536:fRfUdqpkHTl8LzG5xYp+ldOOgf6ot/TUKtU0s:fFUUpkuEPXgf6nKtU0s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3989b343fe446621c6b2dc6d925889e4_JaffaCakes118

Files

3989b343fe446621c6b2dc6d925889e4_JaffaCakes118
.exe windows:42004 windows x86 arch:x86

fb9c3dbd7fc5fac613aedb392550fdf8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
VirtualFree
CloseHandle
GetCurrentProcess
GetLastError
VirtualAlloc
GetVersionExA
CloseHandle
VirtualAlloc
SetLastError
HeapReAlloc
SetLastError
lstrcpyW
lstrlenW
DeleteCriticalSection
GetModuleHandleA
lstrcmpiW
VirtualAlloc
VirtualFree
GetVersionExA
GetCommandLineA
WriteFile
GetStartupInfoA
CreateThread
GetProcessHeap
InterlockedDecrement
GetCurrentProcess
ExitProcess
SetLastError
GetModuleHandleA
GetStartupInfoW
VirtualAlloc
MultiByteToWideChar
InterlockedDecrement
VirtualAlloc

user32

ReleaseDC
GetSystemMetrics
GetDesktopWindow
RegisterClassExW
SystemParametersInfoW
GetDlgItem
GetDlgItemTextW
CreateWindowExW
CallWindowProcW
LoadCursorW
GetMessageW
PostMessageW
ReleaseDC
FillRect
GetDlgItem
TranslateMessage
ScreenToClient
GetCursorPos
GetDesktopWindow
CreateWindowExW
wsprintfW
GetKeyState
EndDialog
RegisterClassExW
SetCursor
DestroyIcon
SystemParametersInfoW
SetDlgItemTextW

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb9c3dbd7fc5fac613aedb392550fdf8

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 12KB - Virtual size: 12KB

.data Size: 69KB - Virtual size: 84KB

.rdata Size: 2KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 69KB - Virtual size: 84KB

.rdata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB