7585498f75523f4440aa31961cc62abe_JaffaCakes118

General

Target

7585498f75523f4440aa31961cc62abe_JaffaCakes118
Size

52KB
MD5

7585498f75523f4440aa31961cc62abe
SHA1

476e962591a0ad4920b6757dcae286ec0bb777f5
SHA256

ffdcbc5807cf2f9d3a5c0c35413378f06e2ebbb9c9df8457b820d94334653fd6
SHA512

46ff7e5c446977d9b765d02b006581bf258ffc1a6b2877f56299ee8821dd27aa6ebeb2c87149e28ed41c3f16d99b7c97bf8ccd6e1c3b0aff989c4d3922ec1476
SSDEEP

768:OYPLNGOt5UEikwQSDbZi1hEPtMGkmd38iL89r1Rt2vANLPdWSa+6fgpx6:OWLUOt2EikwPb5uGFBKr1RtPNJhV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7585498f75523f4440aa31961cc62abe_JaffaCakes118

Files

7585498f75523f4440aa31961cc62abe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

36d10fec78c57c2e7fa956be370ff031

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetStartupInfoA
GetStartupInfoW
GetTickCount
GetVersionExA
HeapReAlloc
HeapSize
IsBadReadPtr
IsBadStringPtrW
IsBadWritePtr
IsDebuggerPresent
GetCurrentDirectoryA
ReadProcessMemory
ResetEvent
RtlMoveMemory
SetEvent
Sleep
SleepEx
TlsSetValue
VirtualAlloc
VirtualFree
VirtualProtect
WaitForDebugEvent
WaitForSingleObjectEx
WriteFile
lstrlenA
lstrlenW
ExitProcess
DeviceIoControl
CreateThread
CreateFileA
CreateDirectoryExA
CopyFileA
CompareStringW
ReadFile
CloseHandle

wsock32

WSAStartup
WSACleanup
gethostbyname

user32

KillTimer
LockWorkStation
MessageBoxA
SetClassWord
SetMenuContextHelpId
SetUserObjectInformationA
SetUserObjectInformationW
UnregisterHotKey
Win32PoolAllocationStats
GetMessageA
GetMenuItemRect
CharUpperA
wsprintfA
GetShellWindow

gdi32

CreateRectRgn
DeleteDC
ExtTextOutW
SaveDC
SetBkColor
SetBkMode
TextOutW
BitBlt

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

36d10fec78c57c2e7fa956be370ff031

Headers

File Characteristics

Imports

kernel32

wsock32

user32

gdi32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 16KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 16KB