8740587f3323c1523b1ebd1653997a50_JaffaCakes118

General

Target

8740587f3323c1523b1ebd1653997a50_JaffaCakes118
Size

199KB
MD5

8740587f3323c1523b1ebd1653997a50
SHA1

7d633faee411eb470b9915f029fbff95b292d25e
SHA256

79393e2125a04995de1b7ff11e6edc6fe56232cb7a41e2b2fe19ba1919e231b6
SHA512

1a1de50e76c05a4f3848695f2b373b90cf5c1e7110d16ef8f674c9cb013cf2ba194eb9048008812447e9b5806e638d2f56a6e3ad99099db5b217356918fb69c5
SSDEEP

3072:nmAK3ti+CXW6Qwrh74JShFeu9EDOnrViqzJR3wuX:Mg/XRPhMJSJaO1RAuX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8740587f3323c1523b1ebd1653997a50_JaffaCakes118

Files

8740587f3323c1523b1ebd1653997a50_JaffaCakes118
.exe windows:1 windows x86 arch:x86

f1892525c78cf995d0c85c3afed2a90f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
WriteFile
HeapReAlloc
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
CreateEventA
GetCurrentProcessId
TlsSetValue
GetStdHandle
GetStartupInfoA
GetComputerNameW
UnhandledExceptionFilter
InterlockedIncrement
WaitForMultipleObjects
PulseEvent
lstrlenA
GetNumberFormatA
GetThreadContext
InterlockedDecrement
GetProcessAffinityMask
MapViewOfFile
UnmapViewOfFile
lstrcmpA
InterlockedExchange
SearchPathA
LCMapStringA
GlobalReAlloc
LocalFree
OpenEventA
GetModuleHandleA
IsValidCodePage
lstrcmpiA
QueryPerformanceCounter
GetConsoleOutputCP
IsDebuggerPresent
ReadProcessMemory
FindClose
HeapFree
FreeEnvironmentStringsW
MulDiv

user32

CreateWindowExA
UpdateWindow
MsgWaitForMultipleObjects
DrawMenuBar
GetMessageA
GetMenuItemCount
CreateDialogParamA
GetCapture
GetWindowRect
FillRect
GetWindowDC
DialogBoxIndirectParamA
GetDesktopWindow
PtInRect
SetWindowTextA
ReleaseDC
GetUpdateRgn
GetMenu
BeginDeferWindowPos
GetMenuItemID
EnableWindow
RedrawWindow
DrawFrameControl
DrawEdge
EnumChildWindows
TranslateMessage
RegisterClassExA
GetDlgItemTextA
GetScrollInfo
ModifyMenuA
SendMessageA
LoadImageA
GetClassNameA
GetFocus

msvcrt

exit
__p__commode
_acmdln
_initterm
_XcptFilter
__getmainargs
_except_handler3
_adjust_fdiv
__p__fmode
_exit
_controlfp
__setusermatherr
memcpy
__set_app_type

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1892525c78cf995d0c85c3afed2a90f

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 125KB - Virtual size: 125KB

.data Size: 53KB - Virtual size: 84KB

.rsrc Size: 512B - Virtual size: 164B

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 125KB - Virtual size: 125KB

.data
Size: 53KB - Virtual size: 84KB

.rsrc
Size: 512B - Virtual size: 164B