b35cbecd541ee0a6084bf77d5ccfb7c0_JaffaCakes118

General

Target

b35cbecd541ee0a6084bf77d5ccfb7c0_JaffaCakes118
Size

216KB
MD5

b35cbecd541ee0a6084bf77d5ccfb7c0
SHA1

7eea782353b9f310240a397f6662c073a4192147
SHA256

739f5033de9c24e0eac42a1145c4a7e3a0f00d68fa9a64d578df86b767116fe0
SHA512

1acd55ec774b515c08d8909e8a517a527976f126de57804beb332fbf63ba13dbb43c4a2ae095aa108da9f250333147f802851132cb13bb8bf01f27450c28eb6d
SSDEEP

6144:eqYuCNcXK4W/UhPcFG6UyhbX4tjRuV8TFJZwc:eqYAa4W/UhPeGiVyzRJZwc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b35cbecd541ee0a6084bf77d5ccfb7c0_JaffaCakes118

Files

b35cbecd541ee0a6084bf77d5ccfb7c0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a0b5fa3b06679a68e7fb3c2ea37c596

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteTimerQueue
SetEvent
WaitForMultipleObjects
GetLastError
Sleep
VirtualProtect
VirtualAlloc
ReleaseSemaphore
VirtualFree
FreeResource
LocalFree
LockResource
LoadResource
SizeofResource
LocalAlloc
ResetEvent
LoadLibraryA
PulseEvent
GetProcAddress
GetModuleHandleA
CreateThread
CloseHandle
ReadFile
CreateFileA
LeaveCriticalSection
TerminateThread
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
HeapFree
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemInfo

user32

LoadImageA
DrawIcon
LoadBitmapA
LoadStringA

msvfw32

DrawDibEnd
DrawDibOpen

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rls
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a0b5fa3b06679a68e7fb3c2ea37c596

Headers

File Characteristics

Imports

kernel32

user32

msvfw32

Sections

.text Size: 20KB - Virtual size: 16KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 2KB

.rls Size: 176KB - Virtual size: 175KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 2KB

.rls
Size: 176KB - Virtual size: 175KB