6147baf12ee381c981b0bcec8d92716c_JaffaCakes118

General

Target

6147baf12ee381c981b0bcec8d92716c_JaffaCakes118
Size

204KB
MD5

6147baf12ee381c981b0bcec8d92716c
SHA1

7e402bce99943cbc03c9aa38306fdd427feec8d6
SHA256

3cca1c54e8f40c2c275533619f3c0b6cbedae32c3f8be08c8c0f8a91af228b94
SHA512

28cc7b63960701d715596d78006d4f564376df81ae78646641ac105161fa82d01f12e15beb385944e96402f37e75cf8688d23a638229f959edda501439d46599
SSDEEP

6144:AQFNQLlH6brICCMknfpegOKtItTBw5EbK:AQFNQ6rIlPnfpOKtIqA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6147baf12ee381c981b0bcec8d92716c_JaffaCakes118

Files

6147baf12ee381c981b0bcec8d92716c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fae9bc7511107fcb03db953545cf548e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetProcAddress
GetEnvironmentStrings
LoadLibraryA
FlushFileBuffers
VirtualFree
VirtualProtect
GetModuleHandleA
Sleep
LCMapStringW
LCMapStringA
HeapSize
SetFilePointer
ReadFile
GetStringTypeW
GetStringTypeA
GetCPInfo
GetTickCount
VirtualAlloc
GetOEMCP
GetACP
SetStdHandle
HeapReAlloc
GetSystemInfo
HeapAlloc
MultiByteToWideChar
ExitProcess
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
HeapFree
GetLastError
CloseHandle
InterlockedExchange
VirtualQuery
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
GetLocaleInfoA

user32

UpdateWindow
GetDesktopWindow
MessageBoxA
DestroyWindow
PostMessageA
EnableWindow
LoadBitmapA

gdi32

GetPixel
SelectObject

shell32

DuplicateIcon

psapi

GetModuleInformation
GetModuleBaseNameA

msvfw32

ICCompressorFree
DrawDibStart

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fae9bc7511107fcb03db953545cf548e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

psapi

msvfw32

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 152KB - Virtual size: 217KB

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 152KB - Virtual size: 217KB