b8483f8b4f829678755b1ed4361d8aba_JaffaCakes118

General

Target

b8483f8b4f829678755b1ed4361d8aba_JaffaCakes118
Size

159KB
MD5

b8483f8b4f829678755b1ed4361d8aba
SHA1

a66eba654a24f6c02eb11d6d6f029dd53882c751
SHA256

9568b29693b0e735db2ee56cf9de985518d7daea69068ceb5ae92e1357aee8c6
SHA512

b79bb1d185e41d35e33fdac751e724a5ce4ed574813d892023fa68c9e2db6daa5e9474e151d32faa5f106884f4621bbd6bb1a5313bd995a9a39767f73758608a
SSDEEP

3072:JCWe8zZ+4e2ThQgDJCdIQi0qNZAXmAd9ZYkwvoNsvuwGj6815:U8Ne2TugD5rrAWU9ZwgNs+W815

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8483f8b4f829678755b1ed4361d8aba_JaffaCakes118

Files

b8483f8b4f829678755b1ed4361d8aba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ed64e6a16c06fa6c6f43adbc6e69e746

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
SetLastError
InterlockedIncrement
GetCurrentThreadId
ExitProcess
CloseHandle
GetFileType
Sleep
InterlockedDecrement
FindClose
GlobalAlloc
HeapCreate
InitializeCriticalSection
CreateProcessA
TerminateProcess
GetProcAddress
GetStringTypeW
HeapReAlloc
GetACP
FindNextFileA
lstrcpynA
CompareStringA
GetStartupInfoA
WriteFile
CreateFileA
InterlockedExchange
ReadFile
GetStringTypeA
GetCPInfo
GetTempPathA
SetStdHandle
TlsFree
GlobalLock
GetCommandLineA
MultiByteToWideChar
SetErrorMode
UnhandledExceptionFilter
WideCharToMultiByte
DeleteFileA
WriteConsoleW
WaitForMultipleObjects
GetCurrentProcessId
GetCurrentProcess
HeapAlloc
GetFileAttributesW
LoadLibraryA
GetVersionExA
GetThreadLocale
GetTickCount
IsDebuggerPresent
FreeLibrary
GetModuleHandleW
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
SetHandleCount
EnterCriticalSection
HeapFree
GetProcessHeap
GetModuleHandleA

user32

GetParent
IsWindow
GetWindowRect
EnableWindow
IsWindowEnabled
CreateWindowExA
GetDlgItem

msvcrt

_initterm
_controlfp
_except_handler3
__set_app_type
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_strcmpi
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 624KB - Virtual size: 624KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed64e6a16c06fa6c6f43adbc6e69e746

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 8KB - Virtual size: 4KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 624KB - Virtual size: 624KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 4KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 624KB - Virtual size: 624KB

.rsrc
Size: 8KB - Virtual size: 4KB