8cb9fd2ad2446ebbf9122a470735be83_JaffaCakes118

General

Target

8cb9fd2ad2446ebbf9122a470735be83_JaffaCakes118
Size

448KB
MD5

8cb9fd2ad2446ebbf9122a470735be83
SHA1

f3f6b53fde8a92187bd6e6df0381c1c3cc57b17d
SHA256

5e6e03a89882cb1a4a3300e99206e929aad45932a3e383e790ac29b69dad9478
SHA512

fa9daa9035abfb5fb58dc32291f3e91314bccca18c9c8000ffc9a1fb101f88e759c488517e3de6a3ef22c92c3f01055185d65811b28ce0d99814ac9016c4c186
SSDEEP

12288:3k0J+0pGufmL5MZZWyan1sVsz/YM5m+J6t5tz:00JJLmLOLWtn1r5hEtD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8cb9fd2ad2446ebbf9122a470735be83_JaffaCakes118

Files

8cb9fd2ad2446ebbf9122a470735be83_JaffaCakes118
.exe windows:4 windows x86 arch:x86

67f6b0b4ff124f16e89bfcc2aa1e5f04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
WriteFile
SetEvent
Sleep
GetProcAddress
GetLastError
VirtualAlloc
ResetEvent
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
DebugBreak
GetStdHandle
InterlockedDecrement
OutputDebugStringA
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
VirtualFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
RtlUnwind
MultiByteToWideChar
GetStringTypeA
CloseHandle

user32

ShowWindow
LoadStringA
SetActiveWindow

winmm

joyGetPosEx
mixerClose
joyGetDevCapsA
joySetThreshold

Exports

Exports

?Exfit2@@YAKKK@Z
?Exfit@@YAKKK@Z

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 392KB - Virtual size: 612KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67f6b0b4ff124f16e89bfcc2aa1e5f04

Headers

File Characteristics

Imports

kernel32

user32

winmm

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 392KB - Virtual size: 612KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 392KB - Virtual size: 612KB