71d876fa9afc8d5cf91daa71ddfa2f40_JaffaCakes118

General

Target

71d876fa9afc8d5cf91daa71ddfa2f40_JaffaCakes118
Size

375KB
MD5

71d876fa9afc8d5cf91daa71ddfa2f40
SHA1

f6b97136291a84b5d6792cef8f2a0f41c8bbde74
SHA256

5981a21184025f55fa301128c68e6402b3dc140ef554d63ac4738c0fd87802cc
SHA512

6c797396af96c763fc35b87f8e128c38993bfa445af3115c3d5455209007c4f423eabc863712b23ea1ff4737d2d5d563643579b9cb941e7ed1d3c21f471fb4c9
SSDEEP

6144:JlCs+ljeKuM2eWenwXbBfIsyN26qePimvaILwZv/dLALIIaKGMXBp+2LMXVf:J0Jjz9fJnwlfIsDSimZLgdLAMzKbxp+b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71d876fa9afc8d5cf91daa71ddfa2f40_JaffaCakes118

Files

71d876fa9afc8d5cf91daa71ddfa2f40_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f7956aa836106fb2ef2ccec42ca6b5a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
SetConsoleTitleW
FileTimeToDosDateTime
WriteConsoleA
RtlUnwind
LocalUnlock
ReadConsoleA
GetCurrentProcess
GetProcAddress
VirtualAlloc
VirtualProtectEx
InterlockedCompareExchange
HeapReAlloc
HeapAlloc
EnumResourceTypesW
LocalAlloc
HeapFree
InterlockedExchange
GetModuleFileNameA
TerminateProcess
GetModuleHandleA
ExitProcess
FlushFileBuffers
GetStringTypeW
OpenFileMappingW
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
ResumeThread
GetFileAttributesExA
GetProcessAffinityMask
QueryPerformanceCounter
CreateSemaphoreA
GetCurrentDirectoryW
GetStartupInfoA
VirtualQuery
GetCurrentThreadId

comdlg32

GetSaveFileNameA
PageSetupDlgW
PrintDlgA
LoadAlterBitmap
GetOpenFileNameA
ReplaceTextA

gdi32

CopyEnhMetaFileW
PolyBezierTo
CreateFontIndirectA
GetEnhMetaFileDescriptionA
GetRasterizerCaps
CreatePatternBrush
InvertRgn
GetGlyphOutline
GetMetaFileA
CreateDiscardableBitmap
GetRegionData
UpdateColors
GetSystemPaletteEntries
CreateEllipticRgnIndirect
EnumFontFamiliesExW
CreateRectRgn
EqualRgn

Sections

.text
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 263KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7956aa836106fb2ef2ccec42ca6b5a3

Headers

File Characteristics

Imports

kernel32

comdlg32

gdi32

Sections

.text Size: 102KB - Virtual size: 102KB

.data Size: 263KB - Virtual size: 263KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 102KB - Virtual size: 102KB

.data
Size: 263KB - Virtual size: 263KB

.rsrc
Size: 8KB - Virtual size: 7KB