85224c9b69b97a31039a0ab8ae8f9445_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

85224c9b69b97a31039a0ab8ae8f9445_JaffaCakes118
Size

65KB
MD5

85224c9b69b97a31039a0ab8ae8f9445
SHA1

46717e9e35c90ac13ee045a178befc6209991836
SHA256

c0a6d28d6ece910c215a8311c23bc85ef68f187bcee5c0d0dd059beb54f418ea
SHA512

0f1d9a100e5294631eb2bfef78e07d22a4fe96cf7e7202a1aec0bf17f6aa6afe279fec448852d89de0547a608c26adf8bbafc4e3b8e55e7cfbeeb2097a732e77
SSDEEP

1536:u/MpIeZ5NcZTdDy07qqpgJz9DCsFSHWR/e0G:RZ5NcZTdDy0tOCUSH8eD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85224c9b69b97a31039a0ab8ae8f9445_JaffaCakes118

Files

85224c9b69b97a31039a0ab8ae8f9445_JaffaCakes118
.exe windows:1 windows x86 arch:x86

bc5a190f0e6e00d6ef3d97186c79ca92

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
WideCharToMultiByte
GetVersionExA
SetEvent
CreateThread
LoadLibraryW
HeapAlloc
GetModuleFileNameA
InterlockedIncrement
GetLastError
GetCommandLineA
HeapReAlloc
TerminateProcess
LeaveCriticalSection
ExitProcess
SetFilePointer
VirtualFree
GetACP
GetModuleHandleA
UnhandledExceptionFilter
WideCharToMultiByte
VirtualAlloc
HeapReAlloc
SetLastError
UnhandledExceptionFilter
GetProcessHeap

user32

WinHelpW
DestroyIcon
PtInRect
EnableMenuItem

comctl32

ImageList_BeginDrag
ImageList_Add
ImageList_Write
ImageList_GetBkColor

Sections

.text
Size: 55KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.test1
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.test2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.test3
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.test4
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.test5
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.test6
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bc5a190f0e6e00d6ef3d97186c79ca92

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 55KB - Virtual size: 236KB

.idata Size: 2KB - Virtual size: 4KB

.test1 Size: 512B - Virtual size: 4KB

.test2 Size: 512B - Virtual size: 4KB

.test3 Size: 512B - Virtual size: 4KB

.test4 Size: 512B - Virtual size: 4KB

.test5 Size: 512B - Virtual size: 4KB

.test6 Size: 512B - Virtual size: 4KB

.data Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 28B

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 55KB - Virtual size: 236KB

.idata
Size: 2KB - Virtual size: 4KB

.test1
Size: 512B - Virtual size: 4KB

.test2
Size: 512B - Virtual size: 4KB

.test3
Size: 512B - Virtual size: 4KB

.test4
Size: 512B - Virtual size: 4KB

.test5
Size: 512B - Virtual size: 4KB

.test6
Size: 512B - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 28B

.rsrc
Size: 1024B - Virtual size: 4KB