41868fbd71762bfe334ee76326cbfb7b_JaffaCakes118

General

Target

41868fbd71762bfe334ee76326cbfb7b_JaffaCakes118
Size

97KB
MD5

41868fbd71762bfe334ee76326cbfb7b
SHA1

81bc6d75c011f74a7470d3397c38e5c481349c09
SHA256

896c3941c18c08daff1f6eb500ddba8b6a907e846ef82082a78d2fc3f8bf0ebf
SHA512

3cef77e51c6ed7ad525c2929bdb6bf9e2fcd3763a0c814718b32ef9247ca285eec9edff10003b2bbe59aa64a178e288d4f655113a84eef4b7f3f115bcdcf4a75
SSDEEP

1536:7ANBDUTkos2tTw+Yurg3IrXbHTavjLxj0T75pKiwgKQ0zQ:72BNMw+YDqLHTav8zwgr0zQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41868fbd71762bfe334ee76326cbfb7b_JaffaCakes118

Files

41868fbd71762bfe334ee76326cbfb7b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f2013624a17443303508dd06eb349396

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
VirtualAlloc
GetTickCount
CreateFileA
GetFileType
TlsGetValue
CreateFileW
UnmapViewOfFile
TerminateProcess
HeapReAlloc
FindFirstFileA
SetFilePointer
GetStringTypeA
WideCharToMultiByte
GetModuleHandleA
SetStdHandle
GetProcAddress
MultiByteToWideChar
GetWindowsDirectoryA
LockResource
GetLocaleInfoA
GetCurrentProcess
LoadLibraryA
FlushFileBuffers
VirtualProtect
ExitProcess
HeapDestroy
GetExitCodeProcess
EnterCriticalSection
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetCommandLineA
GetVersion
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
GetLastError
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
RtlUnwind
WriteFile
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
GetStringTypeW
LCMapStringA
LCMapStringW

user32

GetSysColor

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 416KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2013624a17443303508dd06eb349396

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 416KB - Virtual size: 416KB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 416KB - Virtual size: 416KB

.rsrc
Size: 8KB - Virtual size: 6KB