81e31af9062a9162a863122ac4d901c3_JaffaCakes118

General

Target

81e31af9062a9162a863122ac4d901c3_JaffaCakes118
Size

756KB
MD5

81e31af9062a9162a863122ac4d901c3
SHA1

5ebf9840fa7c2ccbfbcf83090a3f2db97a59700d
SHA256

10db8ea7ea99b86ec957a689b2fcd5d34fee00ba7eb50ead4fa04949a01fec92
SHA512

34db971a1223065bdfb95405e3fa6a096ad7c3849326e42dee269b97ce83c0b53ae6aa82a3ef7eaa15d7ed6291f66a973ae62a06992169fe5ddbdab71b5d7510
SSDEEP

12288:BxUJyfYNf7++oTYdl7304tztAh4OVSlECkechXFPUwmINtAN13Px86/JAecdw:QPQ+5dl7EYtAyOslEdDmWtANdPyAaecS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81e31af9062a9162a863122ac4d901c3_JaffaCakes118

Files

81e31af9062a9162a863122ac4d901c3_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f658e0e4b3fb1173a06b1b24319e878f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
UnhandledExceptionFilter
ReadFile
LoadLibraryA
LeaveCriticalSection
LocalAlloc
MultiByteToWideChar
LocalFree
CreateEventW
InterlockedCompareExchange
LoadLibraryW
InterlockedExchange
GetTickCount
VirtualAlloc
InterlockedCompareExchange
GetSystemTimeAsFileTime
LoadLibraryW
GetSystemTimeAsFileTime
InterlockedExchange
LoadLibraryW
InitializeCriticalSection
GetCurrentThreadId
GetCurrentProcessId
InterlockedIncrement
HeapAlloc
InterlockedExchange
FreeLibrary
GetVersionExA
GetProcessHeap
CreateThread
CreateFileW
HeapFree
lstrcmpiW
GetModuleHandleW
CloseHandle
CloseHandle
DeleteCriticalSection
GetProcessHeap
CloseHandle
CloseHandle
MultiByteToWideChar
LeaveCriticalSection
GetProcessHeap
LocalFree
InitializeCriticalSection
DisableThreadLibraryCalls
GetModuleHandleW
CreateThread
GetProcessHeap
EnterCriticalSection

user32

GetDlgItem
KillTimer
SetDlgItemTextW
SendDlgItemMessageW
SetForegroundWindow
SetTimer
EnableWindow
SetFocus
PostQuitMessage
EndPaint
BeginPaint
SetForegroundWindow
BeginPaint
GetClientRect
EnableWindow
LoadCursorW
SetWindowPos
SendDlgItemMessageW
CharNextW
SetTimer
DefWindowProcW
PostMessageW
CharNextW
PostQuitMessage
PostQuitMessage
IsWindow
TranslateMessage
LoadIconW
EndPaint
IsWindow
DestroyWindow
GetFocus
SetFocus
BeginPaint
SetWindowLongW
EnableWindow
IsDlgButtonChecked
PeekMessageW
InvalidateRect
SetWindowLongW
ShowWindow
SetFocus
TranslateMessage
BeginPaint
LoadIconW
PostQuitMessage
KillTimer
PostMessageW
SetTimer
DefWindowProcW

Sections

.text
Size: 751KB - Virtual size: 1.4MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f658e0e4b3fb1173a06b1b24319e878f

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 751KB - Virtual size: 1.4MB

.rdata Size: 3KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 751KB - Virtual size: 1.4MB

.rdata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB