a35214b963ee5cead68a231d3b8c3de3_JaffaCakes118

General

Target

a35214b963ee5cead68a231d3b8c3de3_JaffaCakes118
Size

19KB
MD5

a35214b963ee5cead68a231d3b8c3de3
SHA1

7c8d26718d6293460dff31eb31eaec79dc39abe8
SHA256

34d23a09b17134de800ce3918f21a40faddb9adffbedbf6e4a069a57355c2537
SHA512

d09970c272cda8143d1185c0fe6737813cfacef6fa77494ff096711f66c9335eff830adc7d009deb1f33b6ffdb5beebff89d6bfaf3d429039eb0b4b81c675d58
SSDEEP

384:tdm1P+xScZy07iISygsE3xdhlpEkxlka:GP+ZZ/hS7s4lpf4a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a35214b963ee5cead68a231d3b8c3de3_JaffaCakes118

Files

a35214b963ee5cead68a231d3b8c3de3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

18fdea9d6c48c782f6494a0e69db31b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
InterlockedExchange
LoadLibraryA
GetCurrentProcessId
lstrlenW
lstrlenA
GetModuleFileNameA
GetModuleHandleA
HeapAlloc
GetTickCount
GetProcessHeap
GetProcAddress
EnterCriticalSection
DeleteCriticalSection
HeapDestroy
CloseHandle
Sleep
GetCurrentProcess
InterlockedIncrement
MultiByteToWideChar
CreateFileW
CreateEventW
FreeLibrary
InterlockedDecrement
QueryPerformanceCounter
LoadLibraryW
ReadFile
GetModuleFileNameW
VirtualAlloc
InterlockedCompareExchange
CreateThread
GetModuleHandleW
GetSystemTimeAsFileTime
lstrcmpiW
LocalAlloc
UnhandledExceptionFilter
DisableThreadLibraryCalls
LocalFree
SetLastError
HeapFree

user32

LoadStringW
SetWindowLongW
DialogBoxParamW
GetClientRect
ShowWindow
GetFocus
PostMessageW
EnableWindow
KillTimer
InvalidateRect
TranslateMessage
GetDlgItem
LoadIconW
LoadCursorW
IsWindow
CharNextW
ReleaseDC

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18fdea9d6c48c782f6494a0e69db31b1

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 32KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 32KB