b3f5072be42b445c35c94718be886b9f_JaffaCakes118

General

Target

b3f5072be42b445c35c94718be886b9f_JaffaCakes118
Size

119KB
MD5

b3f5072be42b445c35c94718be886b9f
SHA1

51e6c1e02858109503c731963531a5d3b35247b9
SHA256

bc1643a8de2c12e6a88f168e2c9b2abc6cf26a12638a881925a32ea01cae81b4
SHA512

740227305cfc975a85674ff4baa1e6e04a2f8d3b0ad9670030ffa885c77f55f616623a0013b14e0916241a1be13d3ca4c244945b435534878425da0b0cf2a490
SSDEEP

3072:j8RdG9plhlMZd/ahd8EbKwKsr9eujaj1TM2ADW+N:2d0wZBahd8Eb1lwj1TfADWa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3f5072be42b445c35c94718be886b9f_JaffaCakes118

Files

b3f5072be42b445c35c94718be886b9f_JaffaCakes118
.exe windows:1 windows x86 arch:x86

9f1a950381325d82e3f53ab5952e6b73

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ClipCursor
CreateIcon
DdeNameService
EqualRect
FillRect
FindWindowExA
GetKeyboardLayout
GetTopWindow
InvalidateRect
IsZoomed
LoadCursorA
MonitorFromRect
PeekMessageA
PostQuitMessage

kernel32

AllocConsole
BackupSeek
CancelIo
CopyFileA
CreateEventA
CreateThread
DeleteFileA
DeleteFileW
FoldStringA
GetCommandLineA
GetCurrentDirectoryA
GetDiskFreeSpaceA
GetFileAttributesA
GetLastError
GetLogicalDrives
GetModuleHandleA
GetProcAddress
GetThreadTimes
GetVolumeInformationA
HeapFree
IsBadStringPtrA
LocalAlloc
MoveFileA
OpenFile
Sleep
TlsFree
VirtualAlloc
lstrcatA
lstrcpynA

advapi32

SetTokenInformation

gdi32

AnimatePalette
DeleteObject
EndDoc
FrameRgn
GetDeviceCaps
MoveToEx
PolylineTo
SetBkMode
SetTextColor
StartDocA

Sections

.text
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 1024B - Virtual size: 535B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f1a950381325d82e3f53ab5952e6b73

Headers

File Characteristics

Imports

user32

kernel32

advapi32

gdi32

Sections

.text Size: 512B - Virtual size: 256B

.data Size: 112KB - Virtual size: 112KB

.code Size: 1024B - Virtual size: 535B

.rdata Size: 3KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 408B

.text
Size: 512B - Virtual size: 256B

.data
Size: 112KB - Virtual size: 112KB

.code
Size: 1024B - Virtual size: 535B

.rdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 408B