8dc679e5bedaae6e1cb8979e693803e1_JaffaCakes118

General

Target

8dc679e5bedaae6e1cb8979e693803e1_JaffaCakes118
Size

31KB
MD5

8dc679e5bedaae6e1cb8979e693803e1
SHA1

aab2569cb0cb0fcc8d5a914fa86674f0cd00c6ac
SHA256

4fc5a459986dab465f20c369b761e9b30094532689d76adc1de58c8984dc43dc
SHA512

2030042f7b966a13b96acecdd425a1e6fed043d5afb9f3d39be7b6bbc0eb877cd4b4cc29d16d6e2d2fd05de69e1ff2d8b371af30246d568fac719ddf962bf9bd
SSDEEP

768:ByyyyyyyyyyyyyyyyOVPz/e0sL7DpcXTHJYdQId17:A+Ou

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8dc679e5bedaae6e1cb8979e693803e1_JaffaCakes118

Files

8dc679e5bedaae6e1cb8979e693803e1_JaffaCakes118
.exe windows:41479 windows x86 arch:x86

f74403d6f455f7b0ce9f8dfd6b90a471

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
UnhandledExceptionFilter
CloseHandle
lstrcmpiW
HeapDestroy
SetFilePointer
GetCurrentThreadId
WaitForSingleObject
VirtualAlloc
ExitProcess
GetProcAddress
GetStartupInfoA
VirtualAlloc
GetTickCount
VirtualAlloc
GetVersionExA
LeaveCriticalSection
GetProcessHeap
InterlockedDecrement
GetSystemTimeAsFileTime
HeapAlloc
GetStartupInfoA
VirtualAlloc
InterlockedDecrement
lstrcpyW
GetCommandLineW
InterlockedDecrement
LoadLibraryA
HeapFree
GetCurrentThreadId
lstrlenW
VirtualAlloc
VirtualFree
LeaveCriticalSection
GetProcAddress
GetStartupInfoA
DeleteCriticalSection
GetCommandLineW
VirtualAlloc
LoadLibraryW
LocalAlloc
Sleep
GetCommandLineA
WriteFile
WriteFile
TerminateProcess

user32

GetMessageW
LoadStringA
GetWindowRect
SetWindowPos
SetCapture
CreateWindowExW
GetDlgItemTextW
MessageBoxW
GetMessageW
ReleaseCapture
PeekMessageW
CreateWindowExW
IsIconic
wsprintfW
GetMessageW
DestroyMenu
GetWindowLongW
IsDialogMessageW
LoadIconW
DestroyMenu
LoadStringW
EndDialog
DispatchMessageW
OffsetRect
SetWindowTextW
ScreenToClient
SetTimer
GetKeyState
SystemParametersInfoW
EndPaint
EnableWindow
CheckDlgButton
GetParent
MessageBoxW
SetCapture
CharNextW
GetFocus
TranslateMessage
GetParent

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f74403d6f455f7b0ce9f8dfd6b90a471

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 12KB - Virtual size: 12KB

.data Size: 5KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 4KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 5KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 12KB