bde4f47c48f524c19c546f7d2edc0e02_JaffaCakes118

General

Target

bde4f47c48f524c19c546f7d2edc0e02_JaffaCakes118
Size

342KB
MD5

bde4f47c48f524c19c546f7d2edc0e02
SHA1

4d1d0046dd4249d4a2180124d29ec8e14847acb9
SHA256

94bfda9ae6b574ee3e19da5ec8b99d7d7b3f35cb0de8d2dfddfd6893c5a93600
SHA512

731feb2c7b2b6035aec79dc344fea61ec0bbb006c43b7f02c2cd9917de6ea13b7adbc1c63d47774142edad13a99d0e2da66d4beeafaf5996394ad67cb0c8609c
SSDEEP

6144:hTPgNpYChDmMkKbU+0F4zaqHt6z0h2kI0rHBLacfEV3wrB1L:/C7kKU0aMyyBzBf+3wrB1L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bde4f47c48f524c19c546f7d2edc0e02_JaffaCakes118

Files

bde4f47c48f524c19c546f7d2edc0e02_JaffaCakes118
.exe windows:4 windows x86 arch:x86

be65f2a923b77d770b81b289e5f7ce0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UpdateWindow
ShowWindow
PostQuitMessage
GetMessageA
DispatchMessageA
TranslateMessage
CreateWindowExA
RegisterClassExA
DefWindowProcA
SendMessageA
SetWindowTextA

kernel32

ExitProcess
CreateFileA
HeapAlloc
GetProcAddress
GetLastError
LoadLibraryA
GetModuleHandleA
GetCommandLineA
FindFirstFileA
GetEnvironmentStrings
GetVersion
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
SetHandleCount
GetVersionExA
GetEnvironmentVariableA
HeapDestroy
WriteFile
VirtualFree
HeapReAlloc
VirtualAlloc
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetStringTypeW
GetStringTypeA
RtlUnwind
GetACP
GetCPInfo
GetModuleFileNameA
GetStdHandle
GetOEMCP
GetFileType
MapViewOfFile
UnmapViewOfFile
HeapFree
GetCurrentProcess
CloseHandle
FindNextFileA
GetFileSize
HeapCreate
FindClose

gdi32

DeleteObject

Sections

.text
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be65f2a923b77d770b81b289e5f7ce0e

Headers

File Characteristics

Imports

user32

kernel32

gdi32

Sections

.text Size: 303KB - Virtual size: 302KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 9KB - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 432B

.text
Size: 303KB - Virtual size: 302KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 9KB - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 432B