5bf9edd11ed6db2e06932b9e577f3a37_JaffaCakes118

General

Target

5bf9edd11ed6db2e06932b9e577f3a37_JaffaCakes118
Size

394KB
MD5

5bf9edd11ed6db2e06932b9e577f3a37
SHA1

1cea2bd2be26244acf32d68f49bb5773946fe12c
SHA256

496b3e5f435e8cd4b740ce3cbe34679bfa6483a5a36f4b37640004bb3219f7fe
SHA512

53e62a2588e4af185b8a3d2a976931eb2583bb3436bfdcefc1d8ecaa75d99d827be4fe95d3e0463a17d5c7f321e8dba746a782fcf5cda8ec938e8ba47f7a2ec2
SSDEEP

6144:Y0iinxnBWv5Kx+GJl4pFl8SLj6YYgHoLQkfoiVm3ihIEs8Vg0URkr4yGT:x7y0x54dNKCmr1VDjs8VPURkr4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bf9edd11ed6db2e06932b9e577f3a37_JaffaCakes118

Files

5bf9edd11ed6db2e06932b9e577f3a37_JaffaCakes118
.exe windows:4 windows x86 arch:x86

921b57ab73691b250a1947d1f1b8ca9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
HeapDestroy
SetHandleCount
GetCurrentThread
GetProcAddress
GetStartupInfoA
HeapReAlloc
TlsAlloc
GetEnvironmentStringsW
UnhandledExceptionFilter
GetCurrentProcessId
HeapAlloc
EnterCriticalSection
InitializeCriticalSection
VirtualFree
GetModuleHandleA
OpenSemaphoreW
IsDebuggerPresent
CreateDirectoryExA
InterlockedExchange
MultiByteToWideChar
FreeEnvironmentStringsW
GetLastError
LeaveCriticalSection
GetCommandLineW
DeleteCriticalSection
TlsGetValue
FindFirstFileA
GetEnvironmentStrings
ExitProcess
GetTickCount
GetConsoleTitleA
EnumResourceNamesW
HeapFree
GetStdHandle
GetModuleFileNameA
SetConsoleCP
LoadLibraryA
QueryPerformanceCounter
GetStartupInfoW
VirtualAlloc
TlsFree
GetFileType
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetVersion
IsBadWritePtr
SetLastError
TlsSetValue
GetTempPathA
FreeEnvironmentStringsA
GetModuleFileNameW
GetSystemTimeAsFileTime
HeapCreate
GetCommandLineA

user32

CallMsgFilterA
DdeQueryStringA

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

921b57ab73691b250a1947d1f1b8ca9a

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 119KB - Virtual size: 119KB

.data Size: 265KB - Virtual size: 265KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 119KB - Virtual size: 119KB

.data
Size: 265KB - Virtual size: 265KB

.rsrc
Size: 8KB - Virtual size: 8KB