b8c4f8f1f934f2a4b2f3f63cd9e6ceab_JaffaCakes118

General

Target

b8c4f8f1f934f2a4b2f3f63cd9e6ceab_JaffaCakes118
Size

528KB
MD5

b8c4f8f1f934f2a4b2f3f63cd9e6ceab
SHA1

41327f2385a3c8846bfc650125c5d41850f7f39f
SHA256

4a2cbae290d30cb8a3704bb7bee7c719fdcf55327048de5dbf1dae03acb71711
SHA512

c45a370fa7f290417634a8ad5cf808b1243afb20cef82f971719927efffd58243152bbde29478e9d627c588dd3738ef1b1c1b256e3539fc0f781175818d86595
SSDEEP

12288:mrcM5lKm64r6kY3aEm15QEvVAE8RGtdKN6A4:mrcMbrrPiGtdD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8c4f8f1f934f2a4b2f3f63cd9e6ceab_JaffaCakes118

Files

b8c4f8f1f934f2a4b2f3f63cd9e6ceab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5311b97035707f43ba786f8a8206d94f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetTempPathA
CopyFileA
ResetEvent
FindFirstChangeNotificationA
DeleteFileA
WaitForMultipleObjects
InterlockedCompareExchange
DeviceIoControl
WaitForSingleObject
GetCurrentProcess
LoadLibraryA
ExitProcess
MultiByteToWideChar
GetCurrentProcessId
GetFileTime
GetModuleFileNameW
Sleep
GetTickCount
FreeLibrary
LoadLibraryW
CreateProcessW
GetProcAddress
GetProfileStringW
FindClose
FindFirstFileA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
HeapAlloc
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetEnvironmentVariableA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
TerminateProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion

user32

IsDialogMessageW
GetIconInfo
CheckDlgButton
CallNextHookEx
SendMessageTimeoutA
SetWindowTextA
GetClassInfoExA
EnumWindows
GetClassNameW
GetDC
GetWindowLongA
DrawTextA
DefWindowProcW
ReleaseDC
MapWindowPoints
PostMessageW
DestroyWindow
SendMessageA
ValidateRect
DestroyMenu
BeginPaint
OpenClipboard
InvalidateRect
BeginDeferWindowPos
ExitWindowsEx
EndDeferWindowPos
CreateMenu
UnregisterHotKey
GetPropA
RegisterWindowMessageW
GetAsyncKeyState

Sections

.text
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 202KB - Virtual size: 410KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5311b97035707f43ba786f8a8206d94f

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 222KB - Virtual size: 222KB

.rdata Size: 100KB - Virtual size: 100KB

.data Size: 202KB - Virtual size: 410KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 222KB - Virtual size: 222KB

.rdata
Size: 100KB - Virtual size: 100KB

.data
Size: 202KB - Virtual size: 410KB

.rsrc
Size: 2KB - Virtual size: 4KB