5b870444b69362170eb7d5802467ca7a_JaffaCakes118

General

Target

5b870444b69362170eb7d5802467ca7a_JaffaCakes118
Size

54KB
MD5

5b870444b69362170eb7d5802467ca7a
SHA1

7e6e46d995983234ec8df6ef6c3547a1cbd92fff
SHA256

21c9fa0eec131ee6f36adf0e6a7a13d010a921acad5601fcd454693809404f79
SHA512

f2d3850405944126a8b457ec28465caffb8e31e1b8d1d7ea9a00a558942c631a0d487608217027e6909b71de460aa520e48a4a6917077339805b894b9a108fa6
SSDEEP

768:j4qIPP/ebB5EOej0WzLDz2UIAmdK9wc6pHIKShFE4Gtpm1NRDDXKcLLNafT:j4qIPebLajHzfZmdC6m7Im13TKcL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b870444b69362170eb7d5802467ca7a_JaffaCakes118

Files

5b870444b69362170eb7d5802467ca7a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b1544d203c47922272a6ce16acca9da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetStartupInfoA
GetStartupInfoW
GetTickCount
GetVersionExA
HeapFree
HeapSize
IsBadReadPtr
IsDebuggerPresent
LocalFree
GetModuleFileNameA
SetErrorMode
SetEvent
SetHandleCount
SetLastError
SizeofResource
Sleep
SleepEx
VirtualAlloc
VirtualFree
VirtualProtect
VirtualProtectEx
WriteFile
lstrcpyA
lstrlenA
GetLocalTime
GetFileSize
GetCurrentDirectoryA
ExitProcess
DeviceIoControl
CreateThread
CreateFileA
CreateEventW
CopyFileA
ReadFile
CloseHandle

wsock32

WSAStartup
WSACleanup
gethostbyname

user32

GetMessageA
GetParent
GetShellWindow
GetWindowLongA
GetWindowRect
IsChild
PeekMessageW
RegisterClassW
SetRect
TranslateMessage
WaitMessage
GetFocus
GetClientRect
GetCapture
DispatchMessageA
CharUpperA
wsprintfA
GetLastInputInfo

gdi32

GetLayout
GetObjectA
GetObjectW
GetTextColor
PatBlt
SetBrushOrgEx
SetMapMode
SetRectRgn
TextOutW
ExtTextOutA

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2b1544d203c47922272a6ce16acca9da

Headers

File Characteristics

Imports

kernel32

wsock32

user32

gdi32

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 16KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 16KB