6fb751d5f12c06c773214aae2c31ed0d_JaffaCakes118

General

Target

6fb751d5f12c06c773214aae2c31ed0d_JaffaCakes118
Size

34KB
MD5

6fb751d5f12c06c773214aae2c31ed0d
SHA1

da1f14af7b0d1b1e68c13390b0f4d05a411b8fc1
SHA256

c11177dd9e70700871c40b52cf3d44ee6c28617165bf6cb7691aa12ce8d51c94
SHA512

94aa7daa0f5acf5458b0d690a0ea4a9aa69ff8d6666afba1e8a2871e6a40273f52ae1de3f39e1a8ed5dbc8a9290648f330d3b13a6c17b87a40318b791137bde4
SSDEEP

768:80KZl7CqM1a7fE8aBwO7RCGKWv8KEOWQ5OUwuq1na:80KZlzMs7qBwfrwPsACa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fb751d5f12c06c773214aae2c31ed0d_JaffaCakes118

Files

6fb751d5f12c06c773214aae2c31ed0d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d480ecd48cd7480f4731d6bf70fff8d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
GetCurrentThreadId
GetTickCount
ExitProcess
GetModuleFileNameA
GetModuleHandleA
Sleep
LoadLibraryA
ExitThread
VirtualAlloc
GetProcessHeap
GetThreadPriority
GetCurrentProcessId
GetCurrentProcess
FreeLibrary
GetLastError
GetStartupInfoA
GetProcessTimes
GetPriorityClass
GetCommandLineA
CloseHandle

user32

GetWindowDC
CreateWindowExA
ShowWindow
GetWindowTextLengthA
GetActiveWindow
OpenIcon
GetDC
GetWindow
BeginPaint
GetSystemMetrics
GetFocus
GetWindowLongA
RegisterClassA
UpdateWindow
IsWindowVisible
GetClassLongA
GetForegroundWindow
GetWindowTextA
ReleaseDC

advapi32

GetUserNameA
IsTextUnicode
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerLanguageNameA
VerQueryValueA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TLS
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d480ecd48cd7480f4731d6bf70fff8d7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

version

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 24KB

.TLS Size: 512B - Virtual size: 40B

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 24KB

.TLS
Size: 512B - Virtual size: 40B

.rsrc
Size: 5KB - Virtual size: 4KB