bdee08cea0f863359f1be7cdd5605d46_JaffaCakes118

General

Target

bdee08cea0f863359f1be7cdd5605d46_JaffaCakes118
Size

170KB
MD5

bdee08cea0f863359f1be7cdd5605d46
SHA1

b14e01d3c4e0026d5c489d2f4c3ed1cdf07f69ca
SHA256

fccc5bc206195fd6394b36f1f9c954ba8d6f11b497be11b8c1d1b2b8f1350567
SHA512

7bf56feb53a71d6a16b6366686a66285ada8c2cc95dfaf2a7d8caecd8b4bc399630d0b71f6231ae117376fb588ca72cd902827dfa66312c3955f85bdaec20d7f
SSDEEP

3072:DnwzPrIonOVHziDSyrmzbBOnaXPRtWa8xOa53PR0xYtQuzIlXTcM:LwzVn6HziDSywXPoOaNmatgl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdee08cea0f863359f1be7cdd5605d46_JaffaCakes118

Files

bdee08cea0f863359f1be7cdd5605d46_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2dc6402ba70c8d4ab40fa57054d7f758

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcatA
InitializeCriticalSection
GetProcAddress
LocalFree
RaiseException
LocalAlloc
GetModuleHandleA
LeaveCriticalSection
EnterCriticalSection
SearchPathA
ResumeThread
WriteProcessMemory
HeapValidate
GetCurrentThreadId
QueryPerformanceCounter
QueryPerformanceFrequency
GetPrivateProfileSectionA
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW

user32

DefWindowProcA
AdjustWindowRectEx

Sections

0
Size: - Virtual size: 420KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 102KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

3
Size: 48KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: 10KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2dc6402ba70c8d4ab40fa57054d7f758

Headers

File Characteristics

Imports

kernel32

user32

Sections

0 Size: - Virtual size: 420KB

1 Size: 102KB - Virtual size: 108KB

2 Size: 2KB - Virtual size: 4KB

3 Size: 48KB - Virtual size: 75KB

4 Size: 3KB - Virtual size: 3KB

5 Size: 10KB - Virtual size: 36KB

0
Size: - Virtual size: 420KB

1
Size: 102KB - Virtual size: 108KB

2
Size: 2KB - Virtual size: 4KB

3
Size: 48KB - Virtual size: 75KB

4
Size: 3KB - Virtual size: 3KB

5
Size: 10KB - Virtual size: 36KB