8c70b8d05096f429ff0e08c65e3054d0_JaffaCakes118

General

Target

8c70b8d05096f429ff0e08c65e3054d0_JaffaCakes118
Size

164KB
MD5

8c70b8d05096f429ff0e08c65e3054d0
SHA1

93349363a101bb2eac87f70aa8f083badbfc60b5
SHA256

48b0eb7494c93ae0a62eca8761334af1d8a1c7e22b3da85536d53a3ec6c40f43
SHA512

dd1787523d95f51a284b8778fa0240cf473b501fb433592617d8e41326b2dc70d399f3d3590994dff21acc4b8b1b9a21127dd6557bdaae603d808c4a7db5d65a
SSDEEP

3072:JtOBwK0TlLm8lirVlOJARb1X28BVmXIVWTjj3vfo69c:J8BO61ZlnzuXIVyHI6+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c70b8d05096f429ff0e08c65e3054d0_JaffaCakes118

Files

8c70b8d05096f429ff0e08c65e3054d0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b24a0f7852654bec38bd98b73c23715f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReleaseCapture
GetDC
GetWindowInfo
SetCursor
ReleaseDC
GetWindowLongA
IsWindow
LoadCursorA
SetWindowLongA
FillRect
SetWindowPos
GetDlgItem
MoveWindow
GetSysColor
SetCapture

winmm

mciSendCommandA
sndPlaySoundA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

GetCurrentProcess
Sleep
GetCalendarInfoW
CreateProcessA
HeapAlloc
GetSystemTimeAsFileTime
LoadLibraryExW
UnhandledExceptionFilter
MultiByteToWideChar
WriteFile
GetStartupInfoA
CreateFileW
QueryPerformanceCounter
GetSystemTime
HeapDestroy
GetStdHandle
CloseHandle
GetProcessHeap
EnumResourceNamesA
LoadLibraryW
GetThreadLocale
GetCurrentThreadId
TerminateProcess
SetUnhandledExceptionFilter
LocalAlloc
IsDebuggerPresent
GetTickCount
HeapSize
FindFirstFileW
InterlockedExchange
GetLocaleInfoA
HeapFree
lstrlenA
lstrlenW
SystemTimeToFileTime
GetACP
HeapReAlloc
InterlockedCompareExchange
GetEnvironmentVariableA
GetModuleHandleA
GetCurrentProcessId
RaiseException
WideCharToMultiByte
lstrcpynW

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoGetMalloc
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b24a0f7852654bec38bd98b73c23715f

Headers

File Characteristics

Imports

user32

winmm

version

kernel32

oleacc

ole32

Sections

.text Size: 93KB - Virtual size: 92KB

.rdata Size: 2KB - Virtual size: 2KB

.bss Size: 67KB - Virtual size: 66KB

.rsrc Size: 1024B - Virtual size: 100KB

.text
Size: 93KB - Virtual size: 92KB

.rdata
Size: 2KB - Virtual size: 2KB

.bss
Size: 67KB - Virtual size: 66KB

.rsrc
Size: 1024B - Virtual size: 100KB