952bb68efec43fcb8e955deb32e1e997_JaffaCakes118

General

Target

952bb68efec43fcb8e955deb32e1e997_JaffaCakes118
Size

331KB
MD5

952bb68efec43fcb8e955deb32e1e997
SHA1

8b60228bf566bf84816dfda6ca957d0da1d10a46
SHA256

66e02e0568f11b4f0589cec989c13e28416cb489de9cd852a447f132bf469c82
SHA512

ee2082a0e4ffb317c20381cfcaba51674a01e61139f447d24320f0feba73b0e0a52754f784b1710fd704d6077d45cfafe3c22549d2d9d33bfcd5b8831e39e621
SSDEEP

6144:gSN2tjcNkD63KcAOTqUn2lQmIMe5te22NEYTKI+AQ:gGwj0xvrf2lQmLe5Q22NEYT1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
952bb68efec43fcb8e955deb32e1e997_JaffaCakes118

Files

952bb68efec43fcb8e955deb32e1e997_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8277b1217d1b2d576464f9a9b6f0e897

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetModuleHandleA
GetProcessHeap
GetLastError
VirtualFree
CloseHandle
WriteFile
OpenFile
LocalUnlock
FindFirstFileA
ExitProcess
LoadLibraryA
OpenMutexA
ResumeThread
GetCurrentThread
HeapLock
FindClose
TerminateThread
OpenEventA
CreateThread
GetEnvironmentStrings
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
GetCurrentProcess
TerminateProcess
GetModuleFileNameA
GetSystemTimeAsFileTime
GetProcAddress
SuspendThread
WaitForMultipleObjects
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
DeleteFileA
QueryPerformanceCounter
Sleep

user32

LoadBitmapA
LoadIconA
ShowWindow
PostQuitMessage
KillTimer
SetCursor
GetClientRect
PostMessageA
GetWindowRect
SetCursorPos
IsIconic

gdi32

GetPixel
GetBrushOrgEx

ole32

CoInitialize
CoCreateInstance

avifil32

AVIFileExit

msvfw32

ICRemove
DrawDibClose
DrawDibStart

gdiplus

GdiplusStartup
GdiplusShutdown

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8277b1217d1b2d576464f9a9b6f0e897

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

avifil32

msvfw32

gdiplus

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 284KB - Virtual size: 283KB

.tls Size: 4KB - Virtual size: 2KB

.rsrc Size: 27KB - Virtual size: 354KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 284KB - Virtual size: 283KB

.tls
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 27KB - Virtual size: 354KB