5fbfaeaaa4b39237363630996f64eb9d_JaffaCakes118

General

Target

5fbfaeaaa4b39237363630996f64eb9d_JaffaCakes118
Size

148KB
MD5

5fbfaeaaa4b39237363630996f64eb9d
SHA1

4fa9a238270283c4f203f56d093bf6597f4352e7
SHA256

e3fc5bf143b740b1e1425aa7d86a718e1b3c1a035d515f35ef4d523164bd6769
SHA512

d659cd42916d67029c8b89e3798cf48507ec50c9bb5c36cafb189f2a810dab23162c6938ddccaa7ea5cfdb99fea282bad3a437dda115a614b277a43b3d527423
SSDEEP

3072:qiabwCXIDy3vOdpSM6PiPb6cE2nUe44hc+e8FNDtsic6iElF:qNgK6H6cnTECtsic6iEP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fbfaeaaa4b39237363630996f64eb9d_JaffaCakes118

Files

5fbfaeaaa4b39237363630996f64eb9d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb120e851ed1092d80ae1e2139315736

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapSize
VirtualQuery
InterlockedExchange
IsBadWritePtr
HeapReAlloc
HeapAlloc
GetCPInfo
GetOEMCP
GetACP
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
LCMapStringW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GlobalSize
FindClose
LoadLibraryA
GetProcAddress
lstrcpynW
GetSystemInfo
VirtualAlloc
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
lstrcmpiW
SetFileAttributesW
GetLastError
WaitForMultipleObjects
RtlUnwind

user32

FindWindowW
SetScrollInfo

gdi32

CreatePatternBrush
SetROP2
GetTextMetricsW
OffsetWindowOrgEx

comdlg32

ReplaceTextW
ChooseFontW

advapi32

RegFlushKey
RegQueryInfoKeyA

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb120e851ed1092d80ae1e2139315736

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 115KB - Virtual size: 341KB

.rsrc Size: 4KB - Virtual size: 8KB

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 115KB - Virtual size: 341KB

.rsrc
Size: 4KB - Virtual size: 8KB