adee9113d239a78bc124c9d0ab760a00_JaffaCakes118

General

Target

adee9113d239a78bc124c9d0ab760a00_JaffaCakes118
Size

168KB
MD5

adee9113d239a78bc124c9d0ab760a00
SHA1

69fbb4692e816a9b1b228f9911de5212a69a4991
SHA256

9c01f5ad79305e4d4be74120d6d9b0a700cc1b1ba04f3d0c86f0607f714bcd84
SHA512

a438468711f148a47da732f0bd289838fcb9469593cc3f193d93c936ab07e1ba4a4f85ffeb471969e48b7be37f72c4398ed1bd5abae5c82d24c8a0b9b79e9af4
SSDEEP

3072:21VIlUYHi3WfD/RYxVOf/F08lVERp4bszytzaTNnDZgNmJ3Y:2QiqDZxf/F0iqRpzAsNNgNmpY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adee9113d239a78bc124c9d0ab760a00_JaffaCakes118

Files

adee9113d239a78bc124c9d0ab760a00_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15fcd3fb703e233e90be1e935cb62ef4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
WaitForSingleObject
VirtualFree
LoadLibraryA
FlushFileBuffers
VirtualAlloc
VirtualProtect
GetProcAddress
GetModuleHandleA
VirtualFreeEx
CreateEventA
Sleep
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
VirtualQuery
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapSize
InterlockedExchange
RtlUnwind
GetCPInfo
GetOEMCP
GetACP
HeapReAlloc
HeapCreate
LCMapStringW
GetCurrentThread
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
GetSystemInfo
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW

user32

ShowWindow
TranslateMessage
DispatchMessageA
SendMessageA
PostMessageA
GetMessageA
UpdateWindow
GetDesktopWindow
GetDC
GetCursorPos
SetTimer
ReleaseDC
GetLastActivePopup
CreateIcon
IsIconic
SetCursorPos
GetSysColorBrush
GetWindowRect
LoadCursorA

gdi32

GetPixel

psapi

GetModuleBaseNameA
GetWsChanges

msvfw32

DrawDibEnd
ICGetInfo

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15fcd3fb703e233e90be1e935cb62ef4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

psapi

msvfw32

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 72KB - Virtual size: 71KB

.rsrc Size: 64KB - Virtual size: 152KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 72KB - Virtual size: 71KB

.rsrc
Size: 64KB - Virtual size: 152KB