5f320dcd4215ef4df061ed6d723609b3_JaffaCakes118

General

Target

5f320dcd4215ef4df061ed6d723609b3_JaffaCakes118
Size

64KB
MD5

5f320dcd4215ef4df061ed6d723609b3
SHA1

d2cccdc0e1f555e307a5586f52128de31c3109d0
SHA256

e303f56faa16790ea8b9ac39a0c8ee186b4b77d46ee3af37bb482868ba964e12
SHA512

50cb77f3bda54acba9e254a54c22a01363ec1ae90a665a984c2f57138ef8ac6ba8251f26bee1eb4dfc120b48e619eae853d768332ed260d71e1fa1430cd439b4
SSDEEP

1536:o05GuQVlS4BPwmfK4RaFlrLmGGk3rk7YZawPp:o05HQVlS4BPwzlrLLGk3rOY4wPp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f320dcd4215ef4df061ed6d723609b3_JaffaCakes118

Files

5f320dcd4215ef4df061ed6d723609b3_JaffaCakes118
.exe windows:1 windows x86 arch:x86

2db535c7ff0b3c0327df5a478a5fd813

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_sleep
__set_app_type
_XcptFilter
_setmbcp
_except_handler3
fgetwc
_controlfp
_statusfp
__p__fmode
__getmainargs
memcpy
_acmdln
exit
_adjust_fdiv
__p__commode
strpbrk
iscntrl
__setusermatherr
_initterm
_exit

kernel32

FlushFileBuffers
RtlUnwind
GetEnvironmentVariableA
GetLastError
FreeEnvironmentStringsW
GetModuleFileNameA
GetProcessHeap
GetStartupInfoA
LockResource
TerminateProcess
SetHandleCount
GetModuleHandleA
LoadResource
GetThreadContext
MapViewOfFile
HeapAlloc
GetExitCodeThread
ReadProcessMemory
SetErrorMode
TerminateThread
GetStdHandle
lstrcmpA
GetStringTypeW
GetFileType
GetProcessWorkingSetSize
PulseEvent
GetCommandLineW
TlsFree
lstrcatA
FindClose
HeapFree
GetConsoleOutputCP
InterlockedExchange
InterlockedDecrement
VirtualProtect
FreeLibrary
InitializeCriticalSection
WideCharToMultiByte
IsBadStringPtrA
SetProcessWorkingSetSize
SetEvent
SetStdHandle
GetSystemDirectoryA
GetCurrentProcessId
GetProcessAffinityMask
GetOEMCP
GetFileAttributesA
HeapCreate
IsDebuggerPresent

user32

GetKeyState
CreateWindowExA
ChildWindowFromPoint
GetDC
LoadAcceleratorsA
PtInRect
DestroyWindow
GetWindowRect
SetWindowLongA
UnionRect
IsZoomed
EndDialog
GetForegroundWindow
OffsetRect
EnumChildWindows
FindWindowA
GetClassNameA
GetActiveWindow
LoadMenuA
SendMessageA
EndDeferWindowPos
LoadIconA
DrawFrameControl
CopyRect
LoadImageA
GetMenu
DialogBoxParamA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2db535c7ff0b3c0327df5a478a5fd813

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 42KB - Virtual size: 116KB

.rsrc Size: 12KB - Virtual size: 16KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 42KB - Virtual size: 116KB

.rsrc
Size: 12KB - Virtual size: 16KB