5ba2da20e3090f90fbedc2ae5dcf3e43_JaffaCakes118

General

Target

5ba2da20e3090f90fbedc2ae5dcf3e43_JaffaCakes118
Size

57KB
MD5

5ba2da20e3090f90fbedc2ae5dcf3e43
SHA1

7379fb585f1b751f01801488b911b83908ffe7a8
SHA256

67ee2c2757c611cdeef6c447e2dcb68f6195d630ffeab732cd0b789fa2d1c4e9
SHA512

f6159c450406ad2dcced1aee26f7c3f2444693c08b587852f0bc1675b52a289686d2a08112da6df93a9b6ca40ace84370c0e0b5327b278701c77c526d9a9d9dd
SSDEEP

1536:qQdIuO2DylcJx83T1y1iZ0jcSRn1cLOjWZZ//tT/YQwITtf:qQd3/Ngy6PZTPht

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ba2da20e3090f90fbedc2ae5dcf3e43_JaffaCakes118

Files

5ba2da20e3090f90fbedc2ae5dcf3e43_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d56c581788ed0aa9d031e025c00d124e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
Sleep
LocalFree
LocalAlloc
ExitProcess
GetVersion
GetCommandLineA
GetModuleHandleA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
IsBadWritePtr
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
HeapAlloc
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
RtlUnwind
HeapFree
VirtualFree
HeapCreate
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
HeapDestroy
GetStringTypeW

user32

GetWindowTextLengthW
SystemParametersInfoW
GetScrollRange
ShowScrollBar
GetDlgItemInt
SetDlgItemInt
GetClassInfoExA
DestroyWindow
GetKeyNameTextA
GetWindowTextA
GetWindowTextLengthA
RegisterClassExA

ws2_32

WSAWaitForMultipleEvents
WSAAddressToStringA
send
WSACleanup
socket
WSAStartup
WSAEnumNetworkEvents

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d56c581788ed0aa9d031e025c00d124e

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 4KB - Virtual size: 1.0MB

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 4KB - Virtual size: 1.0MB