c129d0fab85580348abfa5c561c380fc_JaffaCakes118

General

Target

c129d0fab85580348abfa5c561c380fc_JaffaCakes118
Size

216KB
MD5

c129d0fab85580348abfa5c561c380fc
SHA1

5bbf090615c19a137b3943918996610eff5a349c
SHA256

216255ae038fef97a53e26ef39ac7bdfd2c361f6c296eb3381188875743b5f9f
SHA512

0f23172d6dfa5a494a0f639e73038091b3037e7a5af987ff4f8bf146baed1aaac8bd36ef299c0b1e9a1c926b9a61e200c506079bd28c37a60b4d010e149c46bd
SSDEEP

3072:rISsiN3iylr84LdMuRCG14ZOrPguryZTKFhG8h9DKq:rILiZfd9AK4krPVSTKFhBrDP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c129d0fab85580348abfa5c561c380fc_JaffaCakes118

Files

c129d0fab85580348abfa5c561c380fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c99dc00768a8ab54cda6c909ce9c3246

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualProtect
GetProcessHeap
LocalLock
GetExitCodeProcess
ResetEvent
OpenSemaphoreA
VirtualFree
VirtualAlloc
GetModuleHandleA
LocalReAlloc
LeaveCriticalSection
GetSystemInfo
GetLocaleInfoA
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
HeapAlloc
HeapReAlloc
GetACP
GetOEMCP
GetCPInfo
RtlUnwind
InterlockedExchange
VirtualQuery
FlushFileBuffers
SetFilePointer
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
CloseHandle

user32

GetClientRect
EnableWindow
LoadBitmapA
LoadImageA
DestroyWindow
CreateWindowExA
ShowWindow

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c99dc00768a8ab54cda6c909ce9c3246

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 68KB - Virtual size: 65KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 116KB - Virtual size: 165KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 68KB - Virtual size: 65KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 116KB - Virtual size: 165KB