b78fc649aeb0bce6763ed48db4602ac3_JaffaCakes118

General

Target

b78fc649aeb0bce6763ed48db4602ac3_JaffaCakes118
Size

21KB
MD5

b78fc649aeb0bce6763ed48db4602ac3
SHA1

4559bcc9c8f451ee3a705628441d1f5add16a277
SHA256

189b9ef65f1f4768add2e86bd669e1e64f2ba82d0b6a50bdcbc63f0878a79fca
SHA512

b7767919f88810fad9a5e8c0c363d0875061f761634743af137c334828293a308832a0ad122e6538b1886398ccbbdbb9d62d64122ce395918924cd9eb2642eb7
SSDEEP

384:ByyyyyyyyyyyyyyyyUYh/0bqzRa/an/Hv5Czw8F41ARFgFGOifoBxS:ByyyyyyyyyyyyyyyyDhkYRr/PKw8Cmsw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b78fc649aeb0bce6763ed48db4602ac3_JaffaCakes118

Files

b78fc649aeb0bce6763ed48db4602ac3_JaffaCakes118
.exe windows:51523 windows x86 arch:x86

1c22f0b9a1dc6482e4c1399693d013f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
SetUnhandledExceptionFilter
HeapReAlloc
SetUnhandledExceptionFilter
GetStartupInfoA
DeleteCriticalSection
LoadLibraryW
CreateFileW
Sleep
QueryPerformanceCounter
VirtualAlloc
UnhandledExceptionFilter
CloseHandle
GetACP
Sleep
GetLastError
GetModuleHandleW
GetLastError
GetSystemTimeAsFileTime
Sleep
HeapDestroy
GetLastError
WriteFile
LocalAlloc
GetStartupInfoW
InterlockedIncrement
LocalFree
InterlockedDecrement
ExitProcess
WriteFile
GetProcessHeap
GetCommandLineA
SetUnhandledExceptionFilter

user32

GetKeyState
CopyRect
DrawTextW
FillRect
ReleaseDC
IsDialogMessageW
MessageBoxW
LoadIconW
MessageBoxW
SetDlgItemTextW
ShowWindow
IsWindowVisible
TranslateMessage
InvalidateRect
LoadStringW
DispatchMessageA
DestroyMenu
GetClientRect
SetCursor
PeekMessageW
GetCursorPos
GetDlgItemTextW
LoadCursorW
GetDlgItem
CheckDlgButton
GetFocus

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c22f0b9a1dc6482e4c1399693d013f4

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 12KB - Virtual size: 12KB

.data Size: 5KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 5KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB