bd00cff00aa6bd8cd120e6773c26f32f_JaffaCakes118

General

Target

bd00cff00aa6bd8cd120e6773c26f32f_JaffaCakes118
Size

205KB
MD5

bd00cff00aa6bd8cd120e6773c26f32f
SHA1

919260f0aea77f7cdd6c7e6d0aaaf8daa1009cf4
SHA256

34e003d9be0fbbbc8a9c59324a3782173a668f5d8889cc53d0d5b67f168a7e10
SHA512

06874078b8371a8a435e74665dc714a50c3cfa4a1e1ae74deee155a345d9d12c1728ef730205b8f49b55131a037bcfddc8b704af658ba079637db74206245310
SSDEEP

3072:aUXZl9HBpWLoNeey2+QBnRuYfu7al8VJh4xd/p9lFFw04jL0eq0Q2Yb:lRBNNeeyJPYfsalwcdvD4jLpk2Yb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd00cff00aa6bd8cd120e6773c26f32f_JaffaCakes118

Files

bd00cff00aa6bd8cd120e6773c26f32f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f7860c2659eea2738890ab0239707d17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
LockResource
SizeofResource
VirtualProtect
VirtualFree
LoadLibraryA
FindClose
VirtualAlloc
GetProcAddress
GetModuleHandleA
LocalFree
SetFileApisToANSI
PulseEvent
WaitForMultipleObjects
CreateFileA
LocalAlloc
ExitProcess
CreateEventA
GetLastError
OpenEventA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetStartupInfoA
GetCommandLineA
GetVersionExA
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
HeapFree
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
QueryPerformanceCounter
GetTickCount
GetSystemInfo

user32

DrawTextA
UpdateWindow
ShowWindow
InSendMessage
DestroyWindow
PostMessageA

msvfw32

DrawDibBegin

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7860c2659eea2738890ab0239707d17

Headers

File Characteristics

Imports

kernel32

user32

msvfw32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 7KB - Virtual size: 8KB

.rsrc Size: 176KB - Virtual size: 175KB

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 7KB - Virtual size: 8KB

.rsrc
Size: 176KB - Virtual size: 175KB