68fd4e4ce4d23cdeedda9da7745a6151_JaffaCakes118

General

Target

68fd4e4ce4d23cdeedda9da7745a6151_JaffaCakes118
Size

131KB
MD5

68fd4e4ce4d23cdeedda9da7745a6151
SHA1

e9984a3ba251f4845a00f389a4b33ae54b2c1175
SHA256

5bbde28ed78dddceab667672afd2045eaff46f223563df7783d2856fc9f6ceb2
SHA512

b881252719c8586eaa6ca4376b8b1482627cb5de634a75869650ba90e849108d5c12af53092038f5fc52b211cd647c47878b2894ab1be3c9952f55bbba0afc42
SSDEEP

3072:Avx38SJFs4vj0UkoyD6e7nX70w0JFBLilKJ9SMInCB88W:mxXfvvoUkoy7DBSHDInAW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68fd4e4ce4d23cdeedda9da7745a6151_JaffaCakes118

Files

68fd4e4ce4d23cdeedda9da7745a6151_JaffaCakes118
.exe windows:1 windows x86 arch:x86

e41805020071637e70524bf73c760978

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_ismbcl0
_controlfp
fputc
_sopen
_acmdln
rename
_XcptFilter
wcspbrk
_exit
_adjust_fdiv
_ismbcpunct
_mbctype
tmpnam
_swab
_mbsrev
strstr
system
_initterm
__p__commode
puts
clock
_mktime64
_wtoi64
__p__fmode
floor
wcsstr
exit
_adj_fpatan
memcpy
__set_app_type
_except_handler3
_fsopen
_wstat
_set_error_mode
asctime
_mbscat
__getmainargs
__setusermatherr
_wcsupr

kernel32

HeapAlloc
TerminateProcess
GetConsoleMode
UnmapViewOfFile
GetComputerNameW
GetACP
SetErrorMode
GetLastError
GetModuleHandleA
HeapCreate
InterlockedIncrement
WaitForMultipleObjects
GetStartupInfoA
InitializeCriticalSection
MulDiv
GetCurrentProcessId
SetFilePointer
DeviceIoControl
VirtualProtect
VirtualAlloc
InterlockedDecrement
ExpandEnvironmentStringsA

user32

GetWindowRect
SetPropA
FindWindowA
SetUserObjectSecurity
CopyRect
GetClientRect
CreateWindowExA
LoadImageA
DestroyWindow
SendMessageA
OffsetRect
DialogBoxParamA
IsZoomed
GetMenu
SetDlgItemTextA
RegisterClassExA
UnionRect
CallWindowProcA
DialogBoxIndirectParamA
LoadMenuA
GetDC
GetActiveWindow
LoadIconA
MoveWindow
GetForegroundWindow
GetPropA
BeginPaint

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e41805020071637e70524bf73c760978

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 103KB - Virtual size: 140KB

.rsrc Size: 19KB - Virtual size: 18KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 103KB - Virtual size: 140KB

.rsrc
Size: 19KB - Virtual size: 18KB