b44d45a6f09c1147a99a372dd89a029e_JaffaCakes118

General

Target

b44d45a6f09c1147a99a372dd89a029e_JaffaCakes118
Size

358KB
MD5

b44d45a6f09c1147a99a372dd89a029e
SHA1

a118de20c6fcd4f33ee3b67c82f1f5902c66fe42
SHA256

de6cd5b7206e7481065d78098604c2e9c534f2415a7858024f6377b54202ea08
SHA512

22a79941b69a7d3e0acb1f6e89dcee938a26adb1bb13a4d988df53b6f7eac34079fffea3ec3775ce1ad0eabc3718672a05ac19dda26b072ed3c9d082af0acd3b
SSDEEP

6144:+cgyhIKUmx9C8iyQjkcGuYKS7Tr4IOYUuD9+CowU9IBjpyRPNcTRYno5:+cNv92tjIuYKITr4aHowUSfyRPORYnu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b44d45a6f09c1147a99a372dd89a029e_JaffaCakes118

Files

b44d45a6f09c1147a99a372dd89a029e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e304217fc16c011615a0ec22783cbfae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_SYSTEM

Imports

kernel32

lstrcatA
InitializeCriticalSection
GetProcAddress
LocalFree
RaiseException
LocalAlloc
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
SearchPathA
ResumeThread
WriteProcessMemory
GetPrivateProfileSectionA
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW

user32

DefWindowProcA
AdjustWindowRectEx

Sections

0
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 4KB - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 48KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e304217fc16c011615a0ec22783cbfae

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

0 Size: 12KB - Virtual size: 20KB

1 Size: 4KB - Virtual size: 980B

2 Size: 276KB - Virtual size: 275KB

3 Size: 48KB - Virtual size: 68KB

4 Size: 4KB - Virtual size: 3KB

5 Size: 8KB - Virtual size: 28KB

0
Size: 12KB - Virtual size: 20KB

1
Size: 4KB - Virtual size: 980B

2
Size: 276KB - Virtual size: 275KB

3
Size: 48KB - Virtual size: 68KB

4
Size: 4KB - Virtual size: 3KB

5
Size: 8KB - Virtual size: 28KB