62f389a35e922ac89d12aa6a646bf295_JaffaCakes118

General

Target

62f389a35e922ac89d12aa6a646bf295_JaffaCakes118
Size

412KB
MD5

62f389a35e922ac89d12aa6a646bf295
SHA1

c16d75e569a9ed4beb685e7d92d1410a9eb7e371
SHA256

d7cbe79b45763b83a4d95479d47c53edbe0cbf9e18f0fd9a74518d100990bf8d
SHA512

f6dd25eae689b0e28fa3916a7aa1b779a2393859bd08e31aec022a8e1ffffbe645c5e8377772e5c60f2a4fd89c6f6eff1d04a7a62010ad1d6fc8b6b5409f422d
SSDEEP

12288:Ati2GCayB50xzG4B88iZXAcmvapsNbo7cQovubRdTC+QOv:/2GfAPFdOvaicovutQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62f389a35e922ac89d12aa6a646bf295_JaffaCakes118

Files

62f389a35e922ac89d12aa6a646bf295_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab2774ca320986d47246d7fc356585e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
FormatMessageA
GetEnvironmentStrings
OutputDebugStringW
GetFileType
GetStringTypeA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetAtomNameW
GetCurrentProcessId
InitializeCriticalSection
LCMapStringA
EnumSystemCodePagesW
LocalLock
LeaveCriticalSection
FindResourceA
GetCurrentProcess
TlsFree
GetOEMCP
EnterCriticalSection
RtlUnwind
GetVersionExA
VirtualAlloc
ExitProcess
GetStartupInfoA
VirtualQuery
lstrlen
VirtualProtectEx
DeleteCriticalSection
TerminateProcess
HeapReAlloc
OpenProcess
IsBadWritePtr
QueryPerformanceCounter
GetModuleFileNameA
GetCurrentThread
GetModuleHandleA
GetStringTypeW
HeapDestroy
HeapAlloc
VirtualFree
InterlockedExchange
MultiByteToWideChar
GetComputerNameW
WriteFile
GetStdHandle
LoadLibraryW
SetLastError
FreeEnvironmentStringsA
GetCurrentThreadId
GetProfileStringW
EnumResourceNamesA
LoadLibraryA
HeapCreate
UnhandledExceptionFilter
GetCommandLineA
WideCharToMultiByte
HeapFree
GetACP
SetTimeZoneInformation
GetLastError
SetFilePointer
SleepEx
TlsGetValue
GetSystemTimeAsFileTime
GetVersion
GetTickCount
EnumResourceTypesA
GetProcAddress
TlsSetValue
TlsAlloc
LCMapStringW
SetHandleCount

wininet

InternetReadFileExA
UnlockUrlCacheEntryFileW
ShowX509EncodedCertificate
InternetShowSecurityInfoByURLA
DeleteUrlCacheGroup
InternetGetLastResponseInfoA

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab2774ca320986d47246d7fc356585e9

Headers

File Characteristics

Imports

kernel32

wininet

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 3KB - Virtual size: 11KB

.data Size: 277KB - Virtual size: 277KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 3KB - Virtual size: 11KB

.data
Size: 277KB - Virtual size: 277KB

.rsrc
Size: 9KB - Virtual size: 9KB