944d9b0bdb2c43b648d75185acda11ad_JaffaCakes118

General

Target

944d9b0bdb2c43b648d75185acda11ad_JaffaCakes118
Size

113KB
MD5

944d9b0bdb2c43b648d75185acda11ad
SHA1

ce93c39105e5603eef25ba4f91e9c3379240cc68
SHA256

679be5f78b36b26f11004e6419338978b7c19192764af19653b49cef9d231c77
SHA512

d9f593297e2448d3309cdf1c23d15282c320a48502bb0d546e68d81f300108cc0c4e82766ef8cd0ed8eea661111913e60930aa83ba20bd70f9c8298c1c70e4d2
SSDEEP

1536:t7RyCvJ0VymyNKfGQ3iM5Fcn8d86VLIaQn:t7tpQOWck8I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
944d9b0bdb2c43b648d75185acda11ad_JaffaCakes118

Files

944d9b0bdb2c43b648d75185acda11ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

85d45eb5ab38167e1ee1fa4b55f420a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memset
memcmp
memcpy
_strcmpi
_strlwr

msvcrt

vsprintf
strlen
wcscpy
wcscat
free
strstr
malloc
??3@YAXPAX@Z
??2@YAPAXI@Z
strcpy

kernel32

GetProcessHeap
HeapFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
WriteFile
SetFileTime
GetCurrentProcess
DuplicateHandle
CreateFileW
CreateFileA
GetModuleHandleA
FindResourceA
LoadResource
LockResource
SizeofResource
GetCurrentDirectoryA
CreateDirectoryW
CreateDirectoryA
GetLastError
lstrcpyA
lstrlenA
LocalFileTimeToFileTime
lstrcmpA
ReadFile
SetFilePointer
GlobalFree
GlobalAlloc
SystemTimeToFileTime
GetWindowsDirectoryA
MultiByteToWideChar
lstrcmpiA
FreeLibrary
VirtualFree
IsBadReadPtr
LoadLibraryA
EnumTimeFormatsA
CloseHandle
GetLocalTime
SetThreadAffinityMask
ExitProcess
GetVersionExA
GetModuleFileNameA
GetProcAddress
VirtualAlloc
VirtualProtect
HeapAlloc

user32

PeekMessageA
SetWindowTextA
CloseWindow
DialogBoxParamA
ShowWindow
SendMessageA

gdi32

CreateBitmap

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85d45eb5ab38167e1ee1fa4b55f420a5

Headers

File Characteristics

Imports

ntdll

msvcrt

kernel32

user32

gdi32

Sections

.text Size: 27KB - Virtual size: 27KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 76KB - Virtual size: 76KB

.rsrc Size: 512B - Virtual size: 372B

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 76KB - Virtual size: 76KB

.rsrc
Size: 512B - Virtual size: 372B