43d3a8198abf7caf0df5ab1059c23bf6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43d3a8198abf7caf0df5ab1059c23bf6_JaffaCakes118
Size

166KB
MD5

43d3a8198abf7caf0df5ab1059c23bf6
SHA1

dbc1b914bd4b7916324615c75e9fbadbc6e618f8
SHA256

c1b58391cd26fa4575cdbe6276da70ae889bee5cf89ffb62bbb1cf0f93ea30e6
SHA512

db72190ef527798b86aacd2faef78d361494914a943be74597b2bc51aeaf646f10a1cfc218897fd575cdba12994eef74e39a64d3f0fce31f9b6dc4c80dffddde
SSDEEP

1536:RAgW/9c9MTuyVHzEfrvdve3BbAFmBd3lwb3kg5OK9FmndVK79a/krct45WNcBg:RAgW/9OFkROmBd3c5OKFQWg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43d3a8198abf7caf0df5ab1059c23bf6_JaffaCakes118

Files

43d3a8198abf7caf0df5ab1059c23bf6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

882d700dd529ee52c09e624c4c740942

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
EnterCriticalSection
ExitProcess
ExitThread
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FlushConsoleInputBuffer
FreeLibrary
GetACP
GetCommandLineA
GetConsoleCursorInfo
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetThreadPriority
GetVersionExA
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalFree
MultiByteToWideChar
ReadConsoleInputA
ReadFile
ReadProcessMemory
ResetEvent
ResumeThread
ScrollConsoleScreenBufferA
SetConsoleCursorPosition
SetConsoleOutputCP
SetEvent
SetFilePointer
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateThread
TlsAlloc
TlsGetValue
TlsSetValue
WaitForSingleObject
WideCharToMultiByte
WriteConsoleInputA
WriteConsoleOutputAttribute
WriteConsoleOutputCharacterA
WriteFile

oleaut32

SysAllocStringLen
SysFreeString
SysReAllocStringLen

user32

CharLowerBuffW
CharUpperBuffW
GetKeyboardLayout
MessageBoxA
SetActiveWindow
VkKeyScanExA

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 15KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stab
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_MEM_DISCARDABLE

.stabstr
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_DISCARDABLE

Sharing

General

Malware Config

Signatures

Files

882d700dd529ee52c09e624c4c740942

Headers

File Characteristics

Imports

kernel32

oleaut32

user32

Sections

.text Size: 92KB - Virtual size: 92KB

.data Size: 6KB - Virtual size: 6KB

.bss Size: - Virtual size: 15KB

.idata Size: 2KB - Virtual size: 2KB

.stab Size: 16KB - Virtual size: 16KB

.stabstr Size: 4KB - Virtual size: 4KB

.text
Size: 92KB - Virtual size: 92KB

.data
Size: 6KB - Virtual size: 6KB

.bss
Size: - Virtual size: 15KB

.idata
Size: 2KB - Virtual size: 2KB

.stab
Size: 16KB - Virtual size: 16KB

.stabstr
Size: 4KB - Virtual size: 4KB