6fb712774f1205c88b8a4f4d412c3930_JaffaCakes118

General

Target

6fb712774f1205c88b8a4f4d412c3930_JaffaCakes118
Size

101KB
MD5

6fb712774f1205c88b8a4f4d412c3930
SHA1

2de7b68007369e08eadcc86a6a36bc6a674052fe
SHA256

12d0f677200390b29d7d0a8e271da0adf2b7d3a8bed9fa5658544952f8eaa086
SHA512

49d60f795b7d564109b7021c054b691ca4e7a7a09b4892d2f94515e35f40d8a8f0d0a19d7b605f8b37e58df79257b71d107b003a8d1018c065a5746ccf9663ed
SSDEEP

3072:sWSS8qKz7xlSt2gJvuHG7y3BX0sHvP55jT2uvGl8IokQ8uOktpyyvn/zN2tM/svA:Wb4tEqYpBMF2b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fb712774f1205c88b8a4f4d412c3930_JaffaCakes118

Files

6fb712774f1205c88b8a4f4d412c3930_JaffaCakes118
.exe windows:1 windows x86 arch:x86

d54c5a0b8ff071cdc70e096dffbafbbd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
VirtualFree
ExitProcess
SetThreadAffinityMask
FindResourceA
GetModuleHandleA
GetCurrentThread
DeleteFileA
LoadLibraryW
WaitForSingleObject
GetConsoleCP
SetUnhandledExceptionFilter
GetStartupInfoA
PulseEvent
InitializeCriticalSection
GetFileType
HeapReAlloc
FileTimeToSystemTime
lstrlenA
CompareStringA
GetTimeFormatA

gdi32

SetBkMode
GetTextExtentPoint32A
RestoreDC
CreateRectRgnIndirect
DeleteDC
ExtTextOutA
EndPage
BitBlt
EndDoc
SetTextColor
CreateCompatibleBitmap
LineTo

user32

MoveWindow
LoadMenuA
DialogBoxIndirectParamA
GetClassLongA
IsIconic
DestroyWindow
EnumWindows
ReleaseCapture
DefWindowProcA
TrackPopupMenu
CreatePopupMenu
CloseClipboard
SendMessageTimeoutA
RegisterWindowMessageA

msvcrt

_mbctombb
_mbsrchr
frexp
_wcmdln
__p__commode
_rmtmp
_wcsicmp
strncat
_mbslwr
__p__fmode
_initterm
_mbsnbcat
_unlock
tanh
iswascii
_adjust_fdiv
_XcptFilter
_except_handler3
__set_app_type
__setusermatherr
_mbsicmp
isalnum
_acmdln
_controlfp
cos
exit
exp
_exit
_mbctokata
memcpy
__getmainargs
sscanf
_fstat64

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d54c5a0b8ff071cdc70e096dffbafbbd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

user32

msvcrt

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 92KB

.rsrc Size: 73KB - Virtual size: 72KB

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 92KB

.rsrc
Size: 73KB - Virtual size: 72KB