62db80d37cc9181a2897ee5c94b493a4_JaffaCakes118

General

Target

62db80d37cc9181a2897ee5c94b493a4_JaffaCakes118
Size

89KB
MD5

62db80d37cc9181a2897ee5c94b493a4
SHA1

11cd142a16147aa6d8285fb2bd44cf40b7def9f8
SHA256

eccc3515ac3149c069f34f4397efd2772cf361f818d57ad9c692ca96c94ff869
SHA512

fbc409ed3cad897604fe6c030c1aa1eb0fbec06668444c308e179b546f1cb46fd0f773ee98fa9e0d4ee837daa468c1c10afd6b90eb729ce24b571520b69be457
SSDEEP

1536:MilXjrmHdg/gRyPj9FG9zUJ9CS8Z7Tehpv1BScxUTeG4tcSvFr3zZZ0zYTk:pjrHFxQ9Cx8hev5GWtcSvFrzBk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62db80d37cc9181a2897ee5c94b493a4_JaffaCakes118

Files

62db80d37cc9181a2897ee5c94b493a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

040d5d894307fb5df84fcf9102f23e88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
GetVersionExW
OpenProcess
GlobalFree
QueryPerformanceFrequency
GlobalAlloc
MulDiv
GetLocaleInfoW
GlobalLock
FlushFileBuffers
GetVersion
LocalFree
LocalAlloc
HeapReAlloc
HeapCreate
HeapFree
HeapAlloc
RemoveDirectoryW
FindFirstFileW
FindNextFileW
TlsSetValue
TlsAlloc
GetCurrentProcessId
WriteConsoleA
FindClose
FindFirstFileA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
WriteFile
VirtualFree
HeapDestroy
GetStartupInfoA
GetFileType
SetEnvironmentVariableA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
GetCommandLineA
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter

user32

FillRect
GetActiveWindow
CreatePopupMenu
GetSysColorBrush
AppendMenuA
DrawFrameControl
PostMessageW
IsDialogMessageW
GetMessageA
DrawIcon
LoadIconW
ReleaseCapture
LoadImageA
WindowFromPoint
CheckMenuRadioItem
DispatchMessageW
DeferWindowPos
TranslateMessage
IsWindowEnabled
CheckMenuItem
GetClassNameA
SetDlgItemInt
ClientToScreen
FrameRect
GetScrollRange
GetDlgItemInt
SetWindowLongA

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

040d5d894307fb5df84fcf9102f23e88

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 26KB - Virtual size: 129KB

.rsrc Size: 1024B - Virtual size: 936B

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 26KB - Virtual size: 129KB

.rsrc
Size: 1024B - Virtual size: 936B