642ded62f2ccf632ad1bcd8eaab83b03_JaffaCakes118

General

Target

642ded62f2ccf632ad1bcd8eaab83b03_JaffaCakes118
Size

548KB
MD5

642ded62f2ccf632ad1bcd8eaab83b03
SHA1

cc6c04967b1741c9cb0afca44c71a374b4cc2d43
SHA256

6cc7ca8a5bd9928624418347e6d5173c885245e594c4fc3012f04ad050742634
SHA512

3d82efdbc79b73e4c72d9412e378f717d366fcc79cde76c54df60770e1681dc142378cc9b835e82f3c700d19b547f5fbcbe5d7b6a25d8dd4193d8c12e61dc61b
SSDEEP

12288:Ps2RVm021/I9aViaP+wsU85jqcxsGAb3doaZrzxBA2Sf58VT/:E2/2yaViaP+wsE2lEt7d62GKVj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
642ded62f2ccf632ad1bcd8eaab83b03_JaffaCakes118

Files

642ded62f2ccf632ad1bcd8eaab83b03_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a28403f900db261d15ed14ca6269648c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BeginPaint
PostQuitMessage
ShowWindow
SetWindowPos
DispatchMessageA
MoveWindow
ReleaseDC
CheckMenuItem
EnableWindow
EndPaint

kernel32

GetLastError
LCMapStringW
LeaveCriticalSection
GetCurrentThreadId
CreateFileA
GetFileType
Sleep
HeapDestroy
LoadResource
WriteConsoleA
QueryPerformanceCounter
TerminateProcess
GetVersion
GetStringTypeW
FindNextFileA
GetSystemTimeAsFileTime
CloseHandle
FindFirstFileA
WriteFile
InterlockedExchange
ReadFile
SetFilePointer
GetStringTypeA
WideCharToMultiByte
GetProcessHeap
HeapSize
MultiByteToWideChar
GetWindowsDirectoryA
GetFileSize
GetLocaleInfoA
GetCurrentProcess
FreeEnvironmentStringsA
GetFileAttributesW
GetEnvironmentStringsW
IsDebuggerPresent
FindFirstFileW
SetEvent
SetHandleCount
HeapFree
VirtualAlloc
HeapAlloc
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetProcAddress
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetStdHandle
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
RtlUnwind
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
LoadLibraryA
LCMapStringA

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 488KB - Virtual size: 487KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a28403f900db261d15ed14ca6269648c

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 488KB - Virtual size: 487KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 488KB - Virtual size: 487KB

.rsrc
Size: 4KB - Virtual size: 2KB