afe53947ff93ee37dcfe0e0063d20fd0_JaffaCakes118

General

Target

afe53947ff93ee37dcfe0e0063d20fd0_JaffaCakes118
Size

373KB
MD5

afe53947ff93ee37dcfe0e0063d20fd0
SHA1

25103a786fe41c4bd141ced366ca32f8701257ae
SHA256

022c7e67580901e5d7d724f3b87f53555d3d0614173895a9c366d11cab1ebfab
SHA512

26491d259a8f047d783944776a9d28b6e6d32881e20c7bdae017bd6741bf233ee85bf5af4f7c862974976834f96adeea907aef4e0c81cb72837b67cd521e5a0a
SSDEEP

6144:x4PGzwtiEwr5vH/kQV1hosndUBd9OYe0HaCnGs7Ztrv3auOgM7cVVgc:SPNtivvHcMWwKByYzXnGevKuea2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
afe53947ff93ee37dcfe0e0063d20fd0_JaffaCakes118

Files

afe53947ff93ee37dcfe0e0063d20fd0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2ffe0fb1614bec51cad78f1fc518f64b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventA
GetLastError
OpenMutexA
CreateMutexA
CloseHandle
VirtualAlloc
ResumeThread
CreateThread
Sleep
GetProcAddress
VirtualFree
GetModuleHandleA
ExitProcess
GlobalAlloc
SuspendThread
GetSystemInfo
VirtualProtect
GetLocaleInfoA
RtlUnwind
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
GetStartupInfoA
GetCommandLineA
GetVersionExA
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
HeapFree
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
VirtualQuery

user32

SetTimer
GetDC
LoadCursorA
GetCursorPos
GetDesktopWindow

msvfw32

DrawDibChangePalette

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ffe0fb1614bec51cad78f1fc518f64b

Headers

File Characteristics

Imports

kernel32

user32

msvfw32

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 252KB - Virtual size: 251KB

.rsrc Size: 89KB - Virtual size: 548KB

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 252KB - Virtual size: 251KB

.rsrc
Size: 89KB - Virtual size: 548KB