acb1854322386c4f576c0eae45208351_JaffaCakes118

General

Target

acb1854322386c4f576c0eae45208351_JaffaCakes118
Size

272KB
MD5

acb1854322386c4f576c0eae45208351
SHA1

4643f9e6392716fd6bd0c3f893031df56a6c28f1
SHA256

3972d60370148300a8837958a3550f837d09bbf98ad9d688759f0191b6ba06bb
SHA512

30065329ecf447fb52236a59b439ff5240f2a98508fecc6652e03b41ae6edda180c5da98aef4c67136459db1d06ce4be2ba6d9a85c6a76e65148e46a83b0bbc0
SSDEEP

6144:UbKYdIEGPaBh4Tg7Sr5lAfvPJSgvHrsl/gyYbotEa7l7hh:Ubb7BWSSVCRhHYR9sOd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acb1854322386c4f576c0eae45208351_JaffaCakes118

Files

acb1854322386c4f576c0eae45208351_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b29e9d1b956d0b280de2cf929639b9ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
CreateEventA
CreateMutexA
GetVersionExA
CreateSemaphoreA
VirtualAlloc
GetModuleHandleW
GetProcAddress
IsBadWritePtr
HeapReAlloc
HeapAlloc
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetModuleFileNameA
WriteFile
RtlUnwind
HeapFree
VirtualFree
GetModuleHandleA
GetStartupInfoW
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetCurrentThread
HeapDestroy
HeapCreate
LoadLibraryA

user32

IsChild
CloseWindow
IsWindow
AnimateWindow
OpenIcon
GetParent
IsIconic

shlwapi

StrPBrkW
StrRStrIW

secur32

LsaFreeReturnBuffer

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 236KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.norman
Size: 4KB - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b29e9d1b956d0b280de2cf929639b9ce

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

secur32

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 236KB - Virtual size: 272KB

.norman Size: 4KB - Virtual size: 988B

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 236KB - Virtual size: 272KB

.norman
Size: 4KB - Virtual size: 988B

.rsrc
Size: 4KB - Virtual size: 2KB