8ec3d51e172b9c70f6d2aaea1eee6234_JaffaCakes118

General

Target

8ec3d51e172b9c70f6d2aaea1eee6234_JaffaCakes118
Size

220KB
MD5

8ec3d51e172b9c70f6d2aaea1eee6234
SHA1

45d901a6f928c0c1c7980fee43c53d0b139588cb
SHA256

0e33becd1e73ce297087bd4cdb8a136caab326753158ed651eeaf3611ca6cae8
SHA512

0ca3d59ca0ed4ece5150fbfef6c322a4b13ad4b0a437c15f1cabeec7bc8a9ca16c6c6899452ba3e3ac2f4a90459983ab0d4e4fb347dd047f3c6263712e6c933b
SSDEEP

3072:sFjEQHKe6lInLixZhIQThSBbAKOqYNl58euX4ocnUX6haEv/nZJ/GO2ZujbCqN4d:sPqYaybAldKikCX2pZuKp0P3I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ec3d51e172b9c70f6d2aaea1eee6234_JaffaCakes118

Files

8ec3d51e172b9c70f6d2aaea1eee6234_JaffaCakes118
.exe windows:4 windows x86 arch:x86

627c306cb629c4dffa3586d3c6785d32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenSemaphoreA
VirtualLock
GetEnvironmentStrings
VirtualFree
GetLastError
VirtualUnlock
Sleep
VirtualAlloc
LocalLock
WaitForSingleObject
CreateEventA
FindClose
VirtualProtect
LoadLibraryA
GetCurrentProcessId
GetProcAddress
IsBadCodePtr
GetModuleHandleA
HeapDestroy
DeleteFileA
ResetEvent
GetExitCodeThread
VirtualAllocEx
GetProcessHeap
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapSize
VirtualQuery
InterlockedExchange
RtlUnwind
HeapReAlloc
HeapAlloc
GetCPInfo
GetOEMCP
GetSystemInfo
GetACP
HeapFree
HeapCreate
GetFileType
SetHandleCount
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW

user32

PostQuitMessage
IsWindowVisible
IsZoomed
LoadCursorA
GetDesktopWindow
GetCursorPos
SetTimer
ReleaseDC
DestroyWindow
CreateIcon
IsIconic
SetCursorPos
GetWindowRect
SetCursor
FindWindowA
EnumThreadWindows
GetDC

shell32

SHGetFolderLocation
SHGetFileInfoA
ord256

psapi

GetWsChanges
EmptyWorkingSet

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

627c306cb629c4dffa3586d3c6785d32

Headers

File Characteristics

Imports

kernel32

user32

shell32

psapi

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 32KB - Virtual size: 32KB

.rsrc Size: 156KB - Virtual size: 153KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 32KB - Virtual size: 32KB

.rsrc
Size: 156KB - Virtual size: 153KB