71fe04dc5c2dc277dfcd3bbf97a4a28d_JaffaCakes118

General

Target

71fe04dc5c2dc277dfcd3bbf97a4a28d_JaffaCakes118
Size

416KB
MD5

71fe04dc5c2dc277dfcd3bbf97a4a28d
SHA1

a320327e81d8963b0da7eb42d40d9e6914815acc
SHA256

7cdb88d5763ae1bfafb07a6992541176ecb7288f6ebd73d22ae51bb7abd6340f
SHA512

4c949e10021692ab174aa2822e6cdde610ce065fc2f04c65020df8737df37d92718e9edc204fbb3d5b3f1c6e775b59536aa46cf46f9b386a37be632da81ec624
SSDEEP

12288:zBK+9CzJjFhb+U/E/a2RcHN9xJ1+fWmNuLk5:zBG1TKW38kzyp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71fe04dc5c2dc277dfcd3bbf97a4a28d_JaffaCakes118

Files

71fe04dc5c2dc277dfcd3bbf97a4a28d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

20eca14a820550b6a83c83f05024e056

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetLastError
HeapCreate
LeaveCriticalSection
GetCurrentThreadId
CreateFileA
WriteConsoleW
TlsGetValue
CreateEventA
VirtualFree
UnmapViewOfFile
InitializeCriticalSection
CreateEventW
LocalFree
GetVersion
GetStringTypeW
GlobalLock
FindNextFileA
CreateFileMappingA
GetSystemTimeAsFileTime
ResetEvent
WriteFile
SetUnhandledExceptionFilter
ReadFile
SetFilePointer
TlsFree
WideCharToMultiByte
RaiseException
SetStdHandle
GetProcessHeap
GetStringTypeA
GetProcAddress
GetCommandLineA
MultiByteToWideChar
SetErrorMode
UnhandledExceptionFilter
GetCommandLineW
GetConsoleOutputCP
GetCurrentProcessId
GetLocaleInfoA
GetEnvironmentStrings
GetCurrentProcess
DeleteCriticalSection
GetModuleFileNameA
GetFileAttributesW
GetVersionExA
FlushFileBuffers
TlsAlloc
GetTickCount
HeapDestroy
MulDiv
LCMapStringA
GetModuleFileNameW
lstrlenA
LoadResource
LCMapStringW
HeapFree
GetLastError
GetCurrentThread
GetModuleHandleA
ExitProcess
HeapAlloc
GetStartupInfoA
TerminateProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
TlsSetValue
GetEnvironmentVariableA
RtlUnwind
InterlockedDecrement
InterlockedIncrement
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
LoadLibraryA

user32

SetTimer
EnableMenuItem
BeginPaint
MessageBoxA
GetWindowRect
IsWindow
EnableWindow

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

qigkoqy
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

wcwgu
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

imuegci
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

20eca14a820550b6a83c83f05024e056

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 32KB - Virtual size: 30KB

qigkoqy Size: 316KB - Virtual size: 315KB

wcwgu Size: 20KB - Virtual size: 19KB

imuegci Size: 44KB - Virtual size: 40KB

.text
Size: 32KB - Virtual size: 30KB

qigkoqy
Size: 316KB - Virtual size: 315KB

wcwgu
Size: 20KB - Virtual size: 19KB

imuegci
Size: 44KB - Virtual size: 40KB