a34829c61ecb7b2c0d159160fb47eed7_JaffaCakes118

General

Target

a34829c61ecb7b2c0d159160fb47eed7_JaffaCakes118
Size

112KB
MD5

a34829c61ecb7b2c0d159160fb47eed7
SHA1

372875df658ec4be6f91d2e8b05a46bd94c32260
SHA256

0d544abbe0dbeea17c86ffaeda6fde19931ae17a110e57544a2a919cc10f7185
SHA512

d3de822ea0188e8f57cfd2ab56ede6f0c835444583c1fee1c46f18558744f09a09d5ecdd57fb04a3a3db439eff8925b57674ca5df07a9622eb4d0cc076c9b8b6
SSDEEP

1536:2CLIAODbPeFfeXGjgBdJBFDgyjA723h7kRDOrQR1QQWV7Fjn2WEbPLzR:rLPODbPOf6GkBv/dOOr81QWR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a34829c61ecb7b2c0d159160fb47eed7_JaffaCakes118

Files

a34829c61ecb7b2c0d159160fb47eed7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

eb31fee849948d344bfe2c5f97d03b4e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
Sleep
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
HeapSize
GetCurrentProcessId
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
FindNextFileA
GetLastError
GetLogicalDriveStringsA
FindFirstFileA
HeapCreate
HeapAlloc
GlobalAlloc
GetProcessHeap
GetTickCount
HeapFree
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
SetUnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
IsProcessorFeaturePresent

user32

GetMessageA
RegisterClassExA
SendDlgItemMessageA
LoadStringA
LoadIconA
EnumWindows
TranslateMessage
MessageBoxA
UnregisterClassA
TranslateAcceleratorA
DefWindowProcA
GetDesktopWindow
LoadAcceleratorsA
ShowWindow
DispatchMessageA
UpdateWindow
LoadCursorA

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb31fee849948d344bfe2c5f97d03b4e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 73KB - Virtual size: 76KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 73KB - Virtual size: 76KB

.rsrc
Size: 10KB - Virtual size: 10KB